From: Alistair Francis <alistair23@gmail.com>
To: Alexandre Ghiti <alexghiti@rivosinc.com>
Cc: Palmer Dabbelt <palmer@dabbelt.com>,
Alistair Francis <alistair.francis@wdc.com>,
Bin Meng <bin.meng@windriver.com>,
qemu-riscv@nongnu.org, qemu-devel@nongnu.org,
Andrea Parri <andrea@rivosinc.com>
Subject: Re: [PATCH v3] riscv: Make sure an exception is raised if a pte is malformed
Date: Fri, 21 Apr 2023 08:58:05 +1000 [thread overview]
Message-ID: <CAKmqyKOWy2ffcB72bJrF1U7ksa+eCsbencX1v-w96CN8+Hb-Yw@mail.gmail.com> (raw)
In-Reply-To: <20230420150220.60919-1-alexghiti@rivosinc.com>
On Fri, Apr 21, 2023 at 1:07 AM Alexandre Ghiti <alexghiti@rivosinc.com> wrote:
>
> As per the specification, in 64-bit, if any of the pte reserved bits
> 60-54 is set an exception should be triggered (see 4.4.1, "Addressing and
> Memory Protection"). In addition, we must check the napot/pbmt bits are
> not set if those extensions are not active.
>
> Reported-by: Andrea Parri <andrea@rivosinc.com>
> Signed-off-by: Alexandre Ghiti <alexghiti@rivosinc.com>
> Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Thanks!
Applied to riscv-to-apply.next
Alistair
> ---
> Changes in v3:
> - Rebase on top of https://github.com/alistair23/qemu/tree/riscv-to-apply.next
>
> Changes in v2:
> - Handle napot and pbmt exception
>
> target/riscv/cpu_bits.h | 1 +
> target/riscv/cpu_helper.c | 15 +++++++++++----
> 2 files changed, 12 insertions(+), 4 deletions(-)
>
> diff --git a/target/riscv/cpu_bits.h b/target/riscv/cpu_bits.h
> index fb63b8e125..59f0ffd9e1 100644
> --- a/target/riscv/cpu_bits.h
> +++ b/target/riscv/cpu_bits.h
> @@ -644,6 +644,7 @@ typedef enum {
> #define PTE_SOFT 0x300 /* Reserved for Software */
> #define PTE_PBMT 0x6000000000000000ULL /* Page-based memory types */
> #define PTE_N 0x8000000000000000ULL /* NAPOT translation */
> +#define PTE_RESERVED 0x1FC0000000000000ULL /* Reserved bits */
> #define PTE_ATTR (PTE_N | PTE_PBMT) /* All attributes bits */
>
> /* Page table PPN shift amount */
> diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c
> index b68dcfe7b6..57d04385f1 100644
> --- a/target/riscv/cpu_helper.c
> +++ b/target/riscv/cpu_helper.c
> @@ -927,13 +927,20 @@ restart:
>
> if (riscv_cpu_sxl(env) == MXL_RV32) {
> ppn = pte >> PTE_PPN_SHIFT;
> - } else if (pbmte || riscv_cpu_cfg(env)->ext_svnapot) {
> - ppn = (pte & (target_ulong)PTE_PPN_MASK) >> PTE_PPN_SHIFT;
> } else {
> - ppn = pte >> PTE_PPN_SHIFT;
> - if ((pte & ~(target_ulong)PTE_PPN_MASK) >> PTE_PPN_SHIFT) {
> + if (pte & PTE_RESERVED) {
> + return TRANSLATE_FAIL;
> + }
> +
> + if (!pbmte && (pte & PTE_PBMT)) {
> return TRANSLATE_FAIL;
> }
> +
> + if (!riscv_cpu_cfg(env)->ext_svnapot && (pte & PTE_N)) {
> + return TRANSLATE_FAIL;
> + }
> +
> + ppn = (pte & (target_ulong)PTE_PPN_MASK) >> PTE_PPN_SHIFT;
> }
>
> if (!(pte & PTE_V)) {
> --
> 2.37.2
>
>
prev parent reply other threads:[~2023-04-20 22:59 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-04-20 15:02 [PATCH v3] riscv: Make sure an exception is raised if a pte is malformed Alexandre Ghiti
2023-04-20 22:58 ` Alistair Francis [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAKmqyKOWy2ffcB72bJrF1U7ksa+eCsbencX1v-w96CN8+Hb-Yw@mail.gmail.com \
--to=alistair23@gmail.com \
--cc=alexghiti@rivosinc.com \
--cc=alistair.francis@wdc.com \
--cc=andrea@rivosinc.com \
--cc=bin.meng@windriver.com \
--cc=palmer@dabbelt.com \
--cc=qemu-devel@nongnu.org \
--cc=qemu-riscv@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).