From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 5F7F7C433F5 for ; Fri, 17 Dec 2021 03:30:19 +0000 (UTC) Received: from localhost ([::1]:38094 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1my3wn-0005F8-PC for qemu-devel@archiver.kernel.org; Thu, 16 Dec 2021 22:30:17 -0500 Received: from eggs.gnu.org ([209.51.188.92]:46212) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1my3vx-0004Xv-QJ; Thu, 16 Dec 2021 22:29:25 -0500 Received: from mail142-21.mail.alibaba.com ([198.11.142.21]:34768) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1my3vp-0003qk-5E; Thu, 16 Dec 2021 22:29:25 -0500 X-Alimail-AntiSpam: AC=CONTINUE; BC=0.07436283|-1; CH=green; DM=|CONTINUE|false|; DS=CONTINUE|ham_system_inform|0.00467366-0.000113613-0.995213; FP=0|0|0|0|0|-1|-1|-1; HT=ay29a033018047199; MF=zhiwei_liu@c-sky.com; NM=1; PH=DS; RN=5; RT=5; SR=0; TI=SMTPD_---.MGzHUd4_1639711734; Received: from 10.0.2.15(mailfrom:zhiwei_liu@c-sky.com fp:SMTPD_---.MGzHUd4_1639711734) by smtp.aliyun-inc.com(33.37.68.188); Fri, 17 Dec 2021 11:28:55 +0800 Subject: Re: [PATCH v3 1/1] target/riscv: Fix PMP propagation for tlb To: qemu-devel@nongnu.org, qemu-riscv@nongnu.org References: <20211123090902.23321-1-zhiwei_liu@c-sky.com> From: LIU Zhiwei Message-ID: Date: Fri, 17 Dec 2021 11:28:54 +0800 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.14.0 MIME-Version: 1.0 In-Reply-To: <20211123090902.23321-1-zhiwei_liu@c-sky.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Content-Language: en-US Received-SPF: none client-ip=198.11.142.21; envelope-from=zhiwei_liu@c-sky.com; helo=mail142-21.mail.alibaba.com X-Spam_score_int: -25 X-Spam_score: -2.6 X-Spam_bar: -- X-Spam_report: (-2.6 / 5.0 requ) BAYES_00=-1.9, NICE_REPLY_A=-0.034, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001, SPF_NONE=0.001, UNPARSEABLE_RELAY=0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Alistair.Francis@wdc.com, bin.meng@windriver.com, palmer@dabbelt.com Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: "Qemu-devel" On 2021/11/23 下午5:09, LIU Zhiwei wrote: > Only the pmp index that be checked by pmp_hart_has_privs can be used > by pmp_get_tlb_size to avoid an error pmp index. > > Before modification, we may use an error pmp index. For example, > we check address 0x4fc, and the size 0x4 in pmp_hart_has_privs. If there > is an pmp rule, valid range is [0x4fc, 0x500), then pmp_hart_has_privs > will return true; > > However, this checked pmp index is discarded as pmp_hart_has_privs > return bool value. In pmp_is_range_in_tlb, it will traverse all pmp > rules. The tlb_sa will be 0x0, and tlb_ea will be 0x4fff. If there is > a pmp rule [0x10, 0x4]. It will be misused as it is legal in > pmp_get_tlb_size. > > Signed-off-by: LIU Zhiwei > --- > target/riscv/cpu_helper.c | 16 ++++++----- > target/riscv/pmp.c | 56 +++++++++++++-------------------------- > target/riscv/pmp.h | 6 ++--- > 3 files changed, 31 insertions(+), 47 deletions(-) > > diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c > index 9eeed38c7e..4239bd2ca5 100644 > --- a/target/riscv/cpu_helper.c > +++ b/target/riscv/cpu_helper.c > @@ -362,24 +362,26 @@ static int get_physical_address_pmp(CPURISCVState *env, int *prot, > int mode) > { > pmp_priv_t pmp_priv; > - target_ulong tlb_size_pmp = 0; > + int pmp_index = -1; > > if (!riscv_feature(env, RISCV_FEATURE_PMP)) { > *prot = PAGE_READ | PAGE_WRITE | PAGE_EXEC; > return TRANSLATE_SUCCESS; > } > > - if (!pmp_hart_has_privs(env, addr, size, 1 << access_type, &pmp_priv, > - mode)) { > + pmp_index = pmp_hart_has_privs(env, addr, size, 1 << access_type, > + &pmp_priv, mode); > + if (pmp_index < 0) { > *prot = 0; > return TRANSLATE_PMP_FAIL; > } > > *prot = pmp_priv_to_page_prot(pmp_priv); > - if (tlb_size != NULL) { > - if (pmp_is_range_in_tlb(env, addr & ~(*tlb_size - 1), &tlb_size_pmp)) { > - *tlb_size = tlb_size_pmp; > - } > + if ((tlb_size != NULL) && pmp_index != MAX_RISCV_PMPS) { > + target_ulong tlb_sa = addr & ~(*tlb_size - 1); > + target_ulong tlb_ea = tlb_sa + *tlb_size - 1; > + > + *tlb_size = pmp_get_tlb_size(env, pmp_index, tlb_sa, tlb_ea); > } > > return TRANSLATE_SUCCESS; > diff --git a/target/riscv/pmp.c b/target/riscv/pmp.c > index 54abf42583..1172142e34 100644 > --- a/target/riscv/pmp.c > +++ b/target/riscv/pmp.c > @@ -297,8 +297,11 @@ static bool pmp_hart_has_privs_default(CPURISCVState *env, target_ulong addr, > > /* > * Check if the address has required RWX privs to complete desired operation > + * Return PMP rule index if a pmp rule match > + * Return MAX_RISCV_PMPS if default match > + * Return negtive value if no match > */ > -bool pmp_hart_has_privs(CPURISCVState *env, target_ulong addr, > +int pmp_hart_has_privs(CPURISCVState *env, target_ulong addr, > target_ulong size, pmp_priv_t privs, pmp_priv_t *allowed_privs, > target_ulong mode) > { > @@ -310,8 +313,10 @@ bool pmp_hart_has_privs(CPURISCVState *env, target_ulong addr, > > /* Short cut if no rules */ > if (0 == pmp_get_num_rules(env)) { > - return pmp_hart_has_privs_default(env, addr, size, privs, > - allowed_privs, mode); > + if (pmp_hart_has_privs_default(env, addr, size, privs, > + allowed_privs, mode)) { > + ret = MAX_RISCV_PMPS; > + } > } > > if (size == 0) { > @@ -338,7 +343,7 @@ bool pmp_hart_has_privs(CPURISCVState *env, target_ulong addr, > if ((s + e) == 1) { > qemu_log_mask(LOG_GUEST_ERROR, > "pmp violation - access is partially inside\n"); > - ret = 0; > + ret = -1; > break; > } > > @@ -441,18 +446,22 @@ bool pmp_hart_has_privs(CPURISCVState *env, target_ulong addr, > } > } > > - ret = ((privs & *allowed_privs) == privs); > + if ((privs & *allowed_privs) == privs) { > + ret = i; > + } > break; > } > } > > /* No rule matched */ > if (ret == -1) { > - return pmp_hart_has_privs_default(env, addr, size, privs, > - allowed_privs, mode); > + if (pmp_hart_has_privs_default(env, addr, size, privs, > + allowed_privs, mode)) { > + ret = MAX_RISCV_PMPS; > + } > } > > - return ret == 1 ? true : false; > + return ret; > } > > /* > @@ -595,8 +604,8 @@ target_ulong mseccfg_csr_read(CPURISCVState *env) > * Calculate the TLB size if the start address or the end address of > * PMP entry is presented in the TLB page. > */ > -static target_ulong pmp_get_tlb_size(CPURISCVState *env, int pmp_index, > - target_ulong tlb_sa, target_ulong tlb_ea) > +target_ulong pmp_get_tlb_size(CPURISCVState *env, int pmp_index, > + target_ulong tlb_sa, target_ulong tlb_ea) > { > target_ulong pmp_sa = env->pmp_state.addr[pmp_index].sa; > target_ulong pmp_ea = env->pmp_state.addr[pmp_index].ea; Error here. Add " +    if (pmp_sa <= tlb_sa && pmp_ea >= tlb_ea) { +        return tlb_ea - tlb_sa + 1; +    } " Thanks, Zhiwei > @@ -616,33 +625,6 @@ static target_ulong pmp_get_tlb_size(CPURISCVState *env, int pmp_index, > return 0; > } > > -/* > - * Check is there a PMP entry which range covers this page. If so, > - * try to find the minimum granularity for the TLB size. > - */ > -bool pmp_is_range_in_tlb(CPURISCVState *env, hwaddr tlb_sa, > - target_ulong *tlb_size) > -{ > - int i; > - target_ulong val; > - target_ulong tlb_ea = (tlb_sa + TARGET_PAGE_SIZE - 1); > - > - for (i = 0; i < MAX_RISCV_PMPS; i++) { > - val = pmp_get_tlb_size(env, i, tlb_sa, tlb_ea); > - if (val) { > - if (*tlb_size == 0 || *tlb_size > val) { > - *tlb_size = val; > - } > - } > - } > - > - if (*tlb_size != 0) { > - return true; > - } > - > - return false; > -} > - > /* > * Convert PMP privilege to TLB page privilege. > */ > diff --git a/target/riscv/pmp.h b/target/riscv/pmp.h > index a9a0b363a7..94c0b960fb 100644 > --- a/target/riscv/pmp.h > +++ b/target/riscv/pmp.h > @@ -68,11 +68,11 @@ target_ulong mseccfg_csr_read(CPURISCVState *env); > void pmpaddr_csr_write(CPURISCVState *env, uint32_t addr_index, > target_ulong val); > target_ulong pmpaddr_csr_read(CPURISCVState *env, uint32_t addr_index); > -bool pmp_hart_has_privs(CPURISCVState *env, target_ulong addr, > +int pmp_hart_has_privs(CPURISCVState *env, target_ulong addr, > target_ulong size, pmp_priv_t privs, pmp_priv_t *allowed_privs, > target_ulong mode); > -bool pmp_is_range_in_tlb(CPURISCVState *env, hwaddr tlb_sa, > - target_ulong *tlb_size); > +target_ulong pmp_get_tlb_size(CPURISCVState *env, int pmp_index, > + target_ulong tlb_sa, target_ulong tlb_ea); > void pmp_update_rule_addr(CPURISCVState *env, uint32_t pmp_index); > void pmp_update_rule_nums(CPURISCVState *env); > uint32_t pmp_get_num_rules(CPURISCVState *env);