From: Anup Patel <anup@brainfault.org>
To: Weiwei Li <liweiwei@iscas.ac.cn>
Cc: palmer@dabbelt.com, alistair.francis@wdc.com,
bin.meng@windriver.com, qemu-riscv@nongnu.org,
qemu-devel@nongnu.org, wangjunqiang@iscas.ac.cn,
lazyparser@gmail.com
Subject: Re: [PATCH] target/riscv: Fix priority of csr related check in riscv_csrrw_check
Date: Thu, 4 Aug 2022 22:01:24 +0530 [thread overview]
Message-ID: <CAAhSdy1L3jDfFea5Lum3MvQXrvYyzMpJjOGX2D3Aqb_vv2ZPow@mail.gmail.com> (raw)
In-Reply-To: <b6844eec-77db-1a6c-a518-7aa934d107d4@iscas.ac.cn>
On Thu, Aug 4, 2022 at 5:59 PM Weiwei Li <liweiwei@iscas.ac.cn> wrote:
>
>
> 在 2022/8/4 上午11:38, Anup Patel 写道:
> > On Wed, Aug 3, 2022 at 6:16 PM Weiwei Li <liweiwei@iscas.ac.cn> wrote:
> >> Normally, riscv_csrrw_check is called when executing Zicsr instructions.
> >> And we can only do access control for existed CSRs. So the priority of
> >> CSR related check, from highest to lowest, should be as follows:
> >> 1) check whether Zicsr is supported: raise RISCV_EXCP_ILLEGAL_INST if not
> >> 2) check whether csr is existed: raise RISCV_EXCP_ILLEGAL_INST if not
> >> 3) do access control: raise RISCV_EXCP_ILLEGAL_INST or RISCV_EXCP_VIRT_
> >> INSTRUCTION_FAULT if not allowed
> >>
> >> The predicates contain parts of function of both 2) and 3), So they need
> >> to be placed in the middle of riscv_csrrw_check
> >>
> >> Signed-off-by: Weiwei Li <liweiwei@iscas.ac.cn>
> >> Signed-off-by: Junqiang Wang <wangjunqiang@iscas.ac.cn>
> >> ---
> >> target/riscv/csr.c | 44 +++++++++++++++++++++++++-------------------
> >> 1 file changed, 25 insertions(+), 19 deletions(-)
> >>
> >> diff --git a/target/riscv/csr.c b/target/riscv/csr.c
> >> index 0fb042b2fd..d81f466c80 100644
> >> --- a/target/riscv/csr.c
> >> +++ b/target/riscv/csr.c
> >> @@ -3270,6 +3270,30 @@ static inline RISCVException riscv_csrrw_check(CPURISCVState *env,
> >> /* check privileges and return RISCV_EXCP_ILLEGAL_INST if check fails */
> >> int read_only = get_field(csrno, 0xC00) == 3;
> >> int csr_min_priv = csr_ops[csrno].min_priv_ver;
> >> +
> >> + /* ensure the CSR extension is enabled. */
> >> + if (!cpu->cfg.ext_icsr) {
> >> + return RISCV_EXCP_ILLEGAL_INST;
> >> + }
> >> +
> >> + if (env->priv_ver < csr_min_priv) {
> >> + return RISCV_EXCP_ILLEGAL_INST;
> > This line breaks nested virtualization because for nested virtualization
> > to work, the guest hypervisor accessing h<xyz> and vs<xyz> CSRs from
> > VS-mode should result in a virtual instruction trap not illegal
> > instruction trap.
> >
> > Regards,
> > Anup
>
> Do you mean "if (env->priv_ver < csr_min_priv)" ?
I got confused with the csr_min_priv name. This variable holds
min priv spec verison and not the privilege level required for
the CSR.
No issues with the "if (env->priv_ver < csr_min_priv)" check.
Regards,
Anup
>
> If so, I think illegal instruction trap is better, since the csr is not
> implemented(or existed) when
>
> env->priv_ver < csr_min_priv and virtual instruction trap is only raised
> for implemented csr access.
>
> Regards,
>
> Weiwei Li
>
> >> + }
> >> +
> >> + /* check predicate */
> >> + if (!csr_ops[csrno].predicate) {
> >> + return RISCV_EXCP_ILLEGAL_INST;
> >> + }
> >> +
> >> + if (write_mask && read_only) {
> >> + return RISCV_EXCP_ILLEGAL_INST;
> >> + }
> >> +
> >> + RISCVException ret = csr_ops[csrno].predicate(env, csrno);
> >> + if (ret != RISCV_EXCP_NONE) {
> >> + return ret;
> >> + }
> >> +
> >> #if !defined(CONFIG_USER_ONLY)
> >> int csr_priv, effective_priv = env->priv;
> >>
> >> @@ -3290,25 +3314,7 @@ static inline RISCVException riscv_csrrw_check(CPURISCVState *env,
> >> return RISCV_EXCP_ILLEGAL_INST;
> >> }
> >> #endif
> >> - if (write_mask && read_only) {
> >> - return RISCV_EXCP_ILLEGAL_INST;
> >> - }
> >> -
> >> - /* ensure the CSR extension is enabled. */
> >> - if (!cpu->cfg.ext_icsr) {
> >> - return RISCV_EXCP_ILLEGAL_INST;
> >> - }
> >> -
> >> - /* check predicate */
> >> - if (!csr_ops[csrno].predicate) {
> >> - return RISCV_EXCP_ILLEGAL_INST;
> >> - }
> >> -
> >> - if (env->priv_ver < csr_min_priv) {
> >> - return RISCV_EXCP_ILLEGAL_INST;
> >> - }
> >> -
> >> - return csr_ops[csrno].predicate(env, csrno);
> >> + return RISCV_EXCP_NONE;
> >> }
> >>
> >> static RISCVException riscv_csrrw_do64(CPURISCVState *env, int csrno,
> >> --
> >> 2.17.1
> >>
> >>
>
next prev parent reply other threads:[~2022-08-04 16:36 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-08-03 12:36 [PATCH] target/riscv: Fix priority of csr related check in riscv_csrrw_check Weiwei Li
2022-08-04 3:38 ` Anup Patel
2022-08-04 12:29 ` Weiwei Li
2022-08-04 16:31 ` Anup Patel [this message]
2022-08-05 4:03 ` Alistair Francis
2022-08-05 5:02 ` Alistair Francis
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAAhSdy1L3jDfFea5Lum3MvQXrvYyzMpJjOGX2D3Aqb_vv2ZPow@mail.gmail.com \
--to=anup@brainfault.org \
--cc=alistair.francis@wdc.com \
--cc=bin.meng@windriver.com \
--cc=lazyparser@gmail.com \
--cc=liweiwei@iscas.ac.cn \
--cc=palmer@dabbelt.com \
--cc=qemu-devel@nongnu.org \
--cc=qemu-riscv@nongnu.org \
--cc=wangjunqiang@iscas.ac.cn \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).