Re: [RFC PATCH v2 2/2] target/ppc: make gdb able to translate priviledged addresses

[Richard Henderson <richard.henderson@linaro.org>]

On 6/14/21 12:16 PM, Bruno Larsen (billionai) wrote:
> This patch changes ppc_cpu_get_phys_page_debug so that it is now
> able to translate both, priviledged and real mode addresses
> independently of whether the CPU executing it has those permissions
> 
> This was mentioned by Fabiano as something that would be very useful to
> help with debugging, but could possibly constitute a security issue if
> that debug function can be called in some way by prodution code. the
> solution was implemented such that it would be trivial to wrap it around
> ifdefs for building only with --enable-debug, for instance, but we are
> not sure this is the best approach, hence why it is an RFC.
> 
> Suggested-by: Fabiano Rosas<farosas@linux.ibm.com>
> Signed-off-by: Bruno Larsen (billionai)<bruno.larsen@eldorado.org.br>
> ---
>   target/ppc/mmu_helper.c | 23 +++++++++++++++++++++++
>   1 file changed, 23 insertions(+)

I think the first part is unnecessary.  Either the cpu is in supervisor mode or it isn't, 
and gdb should use the correct address space.  If you really want to force supervisor 
lookup from a guest that is paused in usermode, I suppose you could force MSR.PR=1 while 
you're performing the access and set it back afterward.

I think the second part is actively wrong -- real-mode address lookup will (for the most 
part) always succeed.  Moreover, the gdb user will have no idea that you've silently 
changed addressing methods.

r~