qemu-devel.nongnu.org archive mirror
From: "Cédric Le Goater" <clg@kaod.org>
To: qemu-ppc@nongnu.org, qemu-devel@nongnu.org
Cc: "Peter Maydell" <peter.maydell@linaro.org>,
	"Daniel Henrique Barboza" <danielhb413@gmail.com>,
	"Richard Henderson" <richard.henderson@linaro.org>,
	"Greg Kurz" <groug@kaod.org>,
	qemu-stable@nongnu.org, "Vitaly Cheptsov" <cheptsov@ispras.ru>,
	"Cédric Le Goater" <clg@kaod.org>,
	"David Gibson" <david@gibson.dropbear.id.au>
Subject: [PULL 03/41] target/ppc/mmu_common: Fix SRR1/MSR error code on Book-E
Date: Mon, 31 Jan 2022 12:07:33 +0100
Message-ID: <20220131110811.619053-4-clg@kaod.org>
In-Reply-To: <20220131110811.619053-1-clg@kaod.org>

From: Vitaly Cheptsov <cheptsov@ispras.ru>

Book-E architecture does not set the error code in bits 31:27
of SRR1, but instead uses these bits for custom fields such
as GS (Guest Supervisor).

Wrongly setting these fields will result in QEMU crashes
when attempting to execute non-executable code, due to the attempts
to use Guest Supervisor mode.

Cc: "Cédric Le Goater" <clg@kaod.org>
Cc: Daniel Henrique Barboza <danielhb413@gmail.com>
Cc: David Gibson <david@gibson.dropbear.id.au>
Cc: Greg Kurz <groug@kaod.org>
Cc: qemu-ppc@nongnu.org
Cc: qemu-devel@nongnu.org
Cc: qemu-stable@nongnu.org
Signed-off-by: Vitaly Cheptsov <cheptsov@ispras.ru>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Message-Id: <20220121093107.15478-1-cheptsov@ispras.ru>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
---
 target/ppc/mmu_common.c | 18 +++++++++++++++---
 1 file changed, 15 insertions(+), 3 deletions(-)

diff --git a/target/ppc/mmu_common.c b/target/ppc/mmu_common.c
index 91270c1f17eb..6512ee031cfc 100644
--- a/target/ppc/mmu_common.c
+++ b/target/ppc/mmu_common.c
@@ -1367,22 +1367,34 @@ static bool ppc_jumbo_xlate(PowerPCCPU *cpu, vaddr eaddr,
             case -2:
                 /* Access rights violation */
                 cs->exception_index = POWERPC_EXCP_ISI;
-                env->error_code = 0x08000000;
+                if ((env->mmu_model == POWERPC_MMU_BOOKE) ||
+                    (env->mmu_model == POWERPC_MMU_BOOKE206)) {
+                    env->error_code = 0;
+                } else {
+                    env->error_code = 0x08000000;
+                }
                 break;
             case -3:
                 /* No execute protection violation */
                 if ((env->mmu_model == POWERPC_MMU_BOOKE) ||
                     (env->mmu_model == POWERPC_MMU_BOOKE206)) {
                     env->spr[SPR_BOOKE_ESR] = 0x00000000;
+                    env->error_code = 0;
+                } else {
+                    env->error_code = 0x10000000;
                 }
                 cs->exception_index = POWERPC_EXCP_ISI;
-                env->error_code = 0x10000000;
                 break;
             case -4:
                 /* Direct store exception */
                 /* No code fetch is allowed in direct-store areas */
                 cs->exception_index = POWERPC_EXCP_ISI;
-                env->error_code = 0x10000000;
+                if ((env->mmu_model == POWERPC_MMU_BOOKE) ||
+                    (env->mmu_model == POWERPC_MMU_BOOKE206)) {
+                    env->error_code = 0;
+                } else {
+                    env->error_code = 0x10000000;
+                }
                 break;
             }
         } else {
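Review bot: the Book-E test `(env->mmu_model == POWERPC_MMU_BOOKE) || (env->mmu_model == POWERPC_MMU_BOOKE206)` is now spelled out three times, once each in cases -2, -3 and -4; hoisting it into a single `bool booke = ...` ahead of the switch (or a small helper) would make the intent obvious and keep the three branches from drifting apart in later edits. A second point on the same hunk: case -3 still writes `env->spr[SPR_BOOKE_ESR] = 0x00000000;` on the Book-E path while cases -2 and -4 only zero `error_code` and leave ESR untouched, so on Book-E the access-rights and direct-store faults now report nothing in either register. If that asymmetry is intended, a one-line comment saying so would save the next reader from chasing it; if the fault class is supposed to be visible via ESR on Book-E, -2 and -4 need the same treatment as -3.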
-- 
2.34.1
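As an added illustration, not part of the patch or of QEMU's own code, the following C model reproduces the error-code selection from the hunk above and shows why the old values are harmful on Book-E: the exception entry path builds SRR1 from the MSR with error_code OR'ed in, so any value in bits 31:27 lands in architected Book-E MSR fields. The enumerator names, the helper names, the constructed MSR value and the GS bit position (1 << 28) are assumptions made for this example; only the 0x08000000/0x10000000 codes and the "bits 31:27" range come from the page.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Stand-ins for QEMU's mmu_model enumerators (assumed names, not QEMU's). */
enum mmu_model { MMU_HASH32, MMU_BOOKE, MMU_BOOKE206 };

/* ISI fault classes, matching the switch cases in the hunk. */
enum isi_fault { ISI_ACCESS_RIGHTS = -2, ISI_NO_EXECUTE = -3, ISI_DIRECT_STORE = -4 };

/* Classic (hash MMU) SRR1 bits reported for an ISI, as in the patch. */
#define SRR1_ISI_PROT    0x08000000u  /* access rights violation */
#define SRR1_ISI_NOEXEC  0x10000000u  /* no-execute / direct-store */

/* Book-E: bits 31:27 of MSR/SRR1 are architected fields (commit message).
 * GS is assumed to sit at bit 28, i.e. exactly where 0x10000000 lands. */
#define BOOKE_MSR_GS          (1u << 28)
#define BOOKE_MSR_HIGH_FIELDS 0xF8000000u  /* bits 31:27 */

static bool is_booke(enum mmu_model m)
{
    return m == MMU_BOOKE || m == MMU_BOOKE206;
}

/* Pre-patch behaviour: the same SRR1 bits regardless of MMU model. */
uint32_t isi_error_code_old(enum mmu_model m, enum isi_fault f)
{
    (void)m;
    switch (f) {
    case ISI_ACCESS_RIGHTS: return SRR1_ISI_PROT;
    case ISI_NO_EXECUTE:
    case ISI_DIRECT_STORE:  return SRR1_ISI_NOEXEC;
    }
    return 0;
}

/* Post-patch behaviour: Book-E puts nothing in the SRR1 error bits. */
uint32_t isi_error_code_new(enum mmu_model m, enum isi_fault f)
{
    if (is_booke(m)) {
        return 0;
    }
    return isi_error_code_old(m, f);
}

/* Model of exception entry: SRR1 = MSR | error_code. Returns true when that
 * flips a Book-E field in bits 31:27 the guest did not have set. */
bool corrupts_booke_msr(enum mmu_model m, uint32_t msr, uint32_t error_code)
{
    if (!is_booke(m)) {
        return false;
    }
    uint32_t srr1 = msr | error_code;
    return (srr1 & BOOKE_MSR_HIGH_FIELDS) != (msr & BOOKE_MSR_HIGH_FIELDS);
}

/* True when the old no-execute code would have turned on GS on Book-E. */
bool old_noexec_sets_gs(void)
{
    return (isi_error_code_old(MMU_BOOKE, ISI_NO_EXECUTE) & BOOKE_MSR_GS) != 0;
}

int main(void)
{
    uint32_t msr = 0x00009000u;  /* constructed: EE and ME set, bits 31:27 clear */
    enum isi_fault faults[] = { ISI_ACCESS_RIGHTS, ISI_NO_EXECUTE, ISI_DIRECT_STORE };

    for (size_t i = 0; i < sizeof faults / sizeof faults[0]; i++) {
        uint32_t old = isi_error_code_old(MMU_BOOKE206, faults[i]);
        uint32_t new = isi_error_code_new(MMU_BOOKE206, faults[i]);
        printf("fault %d: old=0x%08x corrupts=%d  new=0x%08x corrupts=%d\n",
               faults[i], old, corrupts_booke_msr(MMU_BOOKE206, msr, old),
               new, corrupts_booke_msr(MMU_BOOKE206, msr, new));
    }
    printf("old no-execute code sets GS on Book-E: %d\n", old_noexec_sets_gs());
    return 0;
}
```

The check in `corrupts_booke_msr` is the one a reviewer would want to keep around: any future error_code constant can be fed through it for each Book-E model before it reaches SRR1.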