From: Thomas Huth <thuth@redhat.com>
To: David Hildenbrand <david@redhat.com>, qemu-devel@nongnu.org
Cc: "Jason J . Herne" <jjherne@linux.ibm.com>,
	Janosch Frank <frankja@linux.ibm.com>,
	Cornelia Huck <cohuck@redhat.com>,
	Richard Henderson <richard.henderson@linaro.org>,
	Halil Pasic <pasic@linux.ibm.com>,
	Christian Borntraeger <borntraeger@de.ibm.com>,
	qemu-s390x@nongnu.org, Claudio Imbrenda <imbrenda@linux.ibm.com>
Subject: Re: [PATCH v1 07/12] s390x/mmu_helper: move address validation into mmu_translate*()
Date: Fri, 6 Aug 2021 10:18:16 +0200	[thread overview]
Message-ID: <6616c45b-7d5a-3a8f-20fb-0c17113e49b1@redhat.com> (raw)
In-Reply-To: <20210805152804.100333-8-david@redhat.com>

On 05/08/2021 17.27, David Hildenbrand wrote:
> Let's move address validation into mmu_translate() and
> mmu_translate_real(). This allows for checking whether an absolute
> address is valid before looking up the storage key. We can now get rid of
> the ram_size check.
> 
> Interestingly, we're already handling LOAD REAL ADDRESS wrong, because
> a) We're not supposed to touch storage keys
> b) We're not supposed to convert to an absolute address
> 
> Let's use a fake, negative MMUAccessType to teach mmu_translate() to
> fix that handling and to not perform address validation.
> 
> Signed-off-by: David Hildenbrand <david@redhat.com>
> ---
>   target/s390x/mmu_helper.c      | 36 ++++++++++++++++++++--------------
>   target/s390x/tcg/excp_helper.c | 13 ------------
>   target/s390x/tcg/mem_helper.c  |  2 +-
>   3 files changed, 22 insertions(+), 29 deletions(-)
> 
> diff --git a/target/s390x/mmu_helper.c b/target/s390x/mmu_helper.c
> index ca25dadb5b..36ab4e9c81 100644
> --- a/target/s390x/mmu_helper.c
> +++ b/target/s390x/mmu_helper.c
> @@ -301,14 +301,13 @@ static void mmu_handle_skey(target_ulong addr, int rw, int *flags)
>   {
>       static S390SKeysClass *skeyclass;
>       static S390SKeysState *ss;
> -    MachineState *ms = MACHINE(qdev_get_machine());
>       uint8_t key;
>       int rc;
>   
> -    if (unlikely(addr >= ms->ram_size)) {
> -        return;
> -    }
> -
> +    /*
> +     * We excpect to be called with an absolute address that has already been
> +     * validated, such that we can reliably use it to lookup the storage key.
> +     */
>       if (unlikely(!ss)) {
>           ss = s390_get_skeys_device();
>           skeyclass = S390_SKEYS_GET_CLASS(ss);
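Review bot: The comment added to mmu_handle_skey() misspells "expect" as `excpect`, and it is now the only statement of the precondition that replaces the removed `addr >= ms->ram_size` guard. Because the address comes out of translating a guest-supplied address, the comment should name who is responsible for the check, for example `Callers (mmu_translate(), mmu_translate_real()) must have validated addr with mmu_absolute_addr_valid() before calling.` What the storage-key backend does with an out-of-range address is not visible in this patch, so it is worth confirming that no path reaches this function with an unvalidated address. The function body continues past the end of the hunk.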
> @@ -370,7 +369,7 @@ static void mmu_handle_skey(target_ulong addr, int rw, int *flags)
>   /**
>    * Translate a virtual (logical) address into a physical (absolute) address.
>    * @param vaddr  the virtual address
> - * @param rw     0 = read, 1 = write, 2 = code fetch
> + * @param rw     0 = read, 1 = write, 2 = code fetch, < 0 = load real address
>    * @param asc    address space control (one of the PSW_ASC_* modes)
>    * @param raddr  the translated address is stored to this pointer
>    * @param flags  the PAGE_READ/WRITE/EXEC flags are stored to this pointer
> @@ -449,10 +448,17 @@ int mmu_translate(CPUS390XState *env, target_ulong vaddr, int rw, uint64_t asc,
>       }
>   
>   nodat:
> -    /* Convert real address -> absolute address */
> -    *raddr = mmu_real2abs(env, *raddr);
> +    if (rw >= 0) {
> +        /* Convert real address -> absolute address */
> +        *raddr = mmu_real2abs(env, *raddr);
>   
> -    mmu_handle_skey(*raddr, rw, flags);
> +        if (!mmu_absolute_addr_valid(*raddr, rw == MMU_DATA_STORE)) {
> +            *tec = 0; /* unused */
> +            return PGM_ADDRESSING;
> +        }
> +
> +        mmu_handle_skey(*raddr, rw, flags);
> +    }
>       return 0;
>   }
>   
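Review bot: The addressing check added after `nodat:` returns PGM_ADDRESSING without leaving any trace, whereas the check this patch removes from s390_cpu_tlb_fill() logged the offending address under CPU_LOG_MMU. Adding a line such as `qemu_log_mask(CPU_LOG_MMU, "%s: invalid absolute address %" PRIx64 "\n", __func__, (uint64_t)*raddr);` before the return would keep that diagnostic for out-of-range guest accesses. The same applies to the check added in mmu_translate_real(). That hunk also puts `/* unused */` on its own line instead of trailing `*tec = 0;` as here, so one form should be used in both places. mmu_translate()'s body starts outside this hunk.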
> @@ -473,12 +479,6 @@ static int translate_pages(S390CPU *cpu, vaddr addr, int nr_pages,
>           if (ret) {
>               return ret;
>           }
> -        if (!address_space_access_valid(&address_space_memory, pages[i],
> -                                        TARGET_PAGE_SIZE, is_write,
> -                                        MEMTXATTRS_UNSPECIFIED)) {
> -            *tec = 0; /* unused */
> -            return PGM_ADDRESSING;
> -        }
>           addr += TARGET_PAGE_SIZE;
>       }
>   
> @@ -588,6 +588,12 @@ int mmu_translate_real(CPUS390XState *env, target_ulong raddr, int rw,
>   
>       *addr = mmu_real2abs(env, raddr & TARGET_PAGE_MASK);
>   
> +    if (!mmu_absolute_addr_valid(*addr, rw == MMU_DATA_STORE)) {
> +        /* unused */
> +        *tec = 0;
> +        return PGM_ADDRESSING;
> +    }
> +
>       mmu_handle_skey(*addr, rw, flags);
>       return 0;
>   }
> diff --git a/target/s390x/tcg/excp_helper.c b/target/s390x/tcg/excp_helper.c
> index a61917d04f..3d6662a53c 100644
> --- a/target/s390x/tcg/excp_helper.c
> +++ b/target/s390x/tcg/excp_helper.c
> @@ -150,19 +150,6 @@ bool s390_cpu_tlb_fill(CPUState *cs, vaddr address, int size,
>           g_assert_not_reached();
>       }
>   
> -    /* check out of RAM access */
> -    if (!excp &&
> -        !address_space_access_valid(&address_space_memory, raddr,
> -                                    TARGET_PAGE_SIZE, access_type,
> -                                    MEMTXATTRS_UNSPECIFIED)) {
> -        MachineState *ms = MACHINE(qdev_get_machine());
> -        qemu_log_mask(CPU_LOG_MMU,
> -                      "%s: raddr %" PRIx64 " > ram_size %" PRIx64 "\n",
> -                      __func__, (uint64_t)raddr, (uint64_t)ms->ram_size);
> -        excp = PGM_ADDRESSING;
> -        tec = 0; /* unused */
> -    }
> -
>       env->tlb_fill_exc = excp;
>       env->tlb_fill_tec = tec;
>   
> diff --git a/target/s390x/tcg/mem_helper.c b/target/s390x/tcg/mem_helper.c
> index a84795cfa3..9c1b9c7d06 100644
> --- a/target/s390x/tcg/mem_helper.c
> +++ b/target/s390x/tcg/mem_helper.c
> @@ -2456,7 +2456,7 @@ uint64_t HELPER(lra)(CPUS390XState *env, uint64_t addr)
>           tcg_s390_program_interrupt(env, PGM_SPECIAL_OP, GETPC());
>       }
>   
> -    exc = mmu_translate(env, addr, 0, asc, &ret, &flags, &tec);
> +    exc = mmu_translate(env, addr, -1, asc, &ret, &flags, &tec);

Do we maybe want a #define for this -1 instead? OTOH, you've added a proper 
comment to the function description, so that should be ok, too.

Reviewed-by: Thomas Huth <thuth@redhat.com>


