Re: [Qemu-devel] [PATCH 4/9] target-mips: Check memory permissions with mem_idx

[Yongbok Kim <yongbok.kim@imgtec.com>]

On 06/09/2016 12:03, James Hogan wrote:
> When performing virtual to physical address translation, check the
> required privilege level based on the mem_idx rather than the mode in
> the hflags. This will allow EVA loads & stores to operate safely only on
> user memory from kernel mode.
> 
> For the cases where the mmu_idx doesn't need to be overridden
> (mips_cpu_get_phys_page_debug() and cpu_mips_translate_address()), we
> calculate the required mmu_idx using cpu_mmu_index(). Note that this
> only tests the MIPS_HFLAG_KSU bits rather than MIPS_HFLAG_MODE, so we
> don't test the debug mode hflag MIPS_HFLAG_DM any longer. This should be
> fine as get_physical_address() only compares against MIPS_HFLAG_UM and
> MIPS_HFLAG_SM, neither of which should get set by compute_hflags() when
> MIPS_HFLAG_DM is set.
> 
> Signed-off-by: James Hogan <james.hogan@imgtec.com>
> Cc: Leon Alrae <leon.alrae@imgtec.com>
> Cc: Aurelien Jarno <aurelien@aurel32.net>
> ---
>  target-mips/helper.c | 17 +++++++++--------
>  1 file changed, 9 insertions(+), 8 deletions(-)
> 
> diff --git a/target-mips/helper.c b/target-mips/helper.c
> index 29ebf391cb94..2065fc3ec119 100644
> --- a/target-mips/helper.c
> +++ b/target-mips/helper.c
> @@ -109,11 +109,11 @@ int r4k_map_address (CPUMIPSState *env, hwaddr *physical, int *prot,
>  
>  static int get_physical_address (CPUMIPSState *env, hwaddr *physical,
>                                  int *prot, target_ulong real_address,
> -                                int rw, int access_type)
> +                                int rw, int access_type, int mmu_idx)
>  {
>      /* User mode can only access useg/xuseg */
> -    int user_mode = (env->hflags & MIPS_HFLAG_MODE) == MIPS_HFLAG_UM;
> -    int supervisor_mode = (env->hflags & MIPS_HFLAG_MODE) == MIPS_HFLAG_SM;
> +    int user_mode = mmu_idx == MIPS_HFLAG_UM;
> +    int supervisor_mode = mmu_idx == MIPS_HFLAG_SM;
>      int kernel_mode = !user_mode && !supervisor_mode;
>  #if defined(TARGET_MIPS64)
>      int UX = (env->CP0_Status & (1 << CP0St_UX)) != 0;
> @@ -413,11 +413,12 @@ static void raise_mmu_exception(CPUMIPSState *env, target_ulong address,
>  hwaddr mips_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
>  {
>      MIPSCPU *cpu = MIPS_CPU(cs);
> +    CPUMIPSState *env = &cpu->env;

Not really useful change as it is used only once but it is ok.

>      hwaddr phys_addr;
>      int prot;
>  
> -    if (get_physical_address(&cpu->env, &phys_addr, &prot, addr, 0,
> -                             ACCESS_INT) != 0) {
> +    if (get_physical_address(env, &phys_addr, &prot, addr, 0, ACCESS_INT,
> +                             cpu_mmu_index(env, false)) != 0) {
>          return -1;
>      }
>      return phys_addr;
> @@ -449,7 +450,7 @@ int mips_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int rw,
>         correctly */
>      access_type = ACCESS_INT;
>      ret = get_physical_address(env, &physical, &prot,
> -                               address, rw, access_type);
> +                               address, rw, access_type, mmu_idx);
>      qemu_log_mask(CPU_LOG_MMU,
>               "%s address=%" VADDR_PRIx " ret %d physical " TARGET_FMT_plx
>               " prot %d\n",
> @@ -479,8 +480,8 @@ hwaddr cpu_mips_translate_address(CPUMIPSState *env, target_ulong address, int r
>  
>      /* data access */
>      access_type = ACCESS_INT;
> -    ret = get_physical_address(env, &physical, &prot,
> -                               address, rw, access_type);
> +    ret = get_physical_address(env, &physical, &prot, address, rw, access_type,
> +                               cpu_mmu_index(env, false));
>      if (ret != TLBRET_MATCH) {
>          raise_mmu_exception(env, address, rw, ret);
>          return -1LL;
> 

Otherwise,

Reviewed-by: Yongbok Kim <yongbok.kim@imgtec.com>


Regards,
Yongbok