1. Patchew
  2. QEMU
  3. View series

[PATCH v3] riscv: Make sure an exception is raised if a pte is malformed

Alexandre Ghiti posted 1 patch 1 year ago
Failed in applying to current master (apply log)
target/riscv/cpu_bits.h   |  1 +
target/riscv/cpu_helper.c | 15 +++++++++++----
2 files changed, 12 insertions(+), 4 deletions(-)
[PATCH v3] riscv: Make sure an exception is raised if a pte is malformed
Posted by Alexandre Ghiti 1 year ago 
As per the specification, in 64-bit, if any of the pte reserved bits
60-54 is set an exception should be triggered (see 4.4.1, "Addressing and
Memory Protection"). In addition, we must check the napot/pbmt bits are
not set if those extensions are not active.

Reported-by: Andrea Parri <andrea@rivosinc.com>
Signed-off-by: Alexandre Ghiti <alexghiti@rivosinc.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
---
Changes in v3:
- Rebase on top of https://github.com/alistair23/qemu/tree/riscv-to-apply.next

Changes in v2:
- Handle napot and pbmt exception

 target/riscv/cpu_bits.h   |  1 +
 target/riscv/cpu_helper.c | 15 +++++++++++----
 2 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/target/riscv/cpu_bits.h b/target/riscv/cpu_bits.h
index fb63b8e125..59f0ffd9e1 100644
--- a/target/riscv/cpu_bits.h
+++ b/target/riscv/cpu_bits.h
@@ -644,6 +644,7 @@ typedef enum {
 #define PTE_SOFT            0x300 /* Reserved for Software */
 #define PTE_PBMT            0x6000000000000000ULL /* Page-based memory types */
 #define PTE_N               0x8000000000000000ULL /* NAPOT translation */
+#define PTE_RESERVED        0x1FC0000000000000ULL /* Reserved bits */
 #define PTE_ATTR            (PTE_N | PTE_PBMT) /* All attributes bits */
 
 /* Page table PPN shift amount */
diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c
index b68dcfe7b6..57d04385f1 100644
--- a/target/riscv/cpu_helper.c
+++ b/target/riscv/cpu_helper.c
@@ -927,13 +927,20 @@ restart:
 
         if (riscv_cpu_sxl(env) == MXL_RV32) {
             ppn = pte >> PTE_PPN_SHIFT;
-        } else if (pbmte || riscv_cpu_cfg(env)->ext_svnapot) {
-            ppn = (pte & (target_ulong)PTE_PPN_MASK) >> PTE_PPN_SHIFT;
         } else {
-            ppn = pte >> PTE_PPN_SHIFT;
-            if ((pte & ~(target_ulong)PTE_PPN_MASK) >> PTE_PPN_SHIFT) {
+            if (pte & PTE_RESERVED) {
+                return TRANSLATE_FAIL;
+            }
+
+            if (!pbmte && (pte & PTE_PBMT)) {
                 return TRANSLATE_FAIL;
             }
+
+            if (!riscv_cpu_cfg(env)->ext_svnapot && (pte & PTE_N)) {
+                return TRANSLATE_FAIL;
+            }
+
+            ppn = (pte & (target_ulong)PTE_PPN_MASK) >> PTE_PPN_SHIFT;
         }
 
         if (!(pte & PTE_V)) {
-- 
2.37.2
Re: [PATCH v3] riscv: Make sure an exception is raised if a pte is malformed
Posted by Alistair Francis 1 year ago 
On Fri, Apr 21, 2023 at 1:07 AM Alexandre Ghiti <alexghiti@rivosinc.com> wrote:
>
> As per the specification, in 64-bit, if any of the pte reserved bits
> 60-54 is set an exception should be triggered (see 4.4.1, "Addressing and
> Memory Protection"). In addition, we must check the napot/pbmt bits are
> not set if those extensions are not active.
>
> Reported-by: Andrea Parri <andrea@rivosinc.com>
> Signed-off-by: Alexandre Ghiti <alexghiti@rivosinc.com>
> Reviewed-by: Alistair Francis <alistair.francis@wdc.com>

Thanks!

Applied to riscv-to-apply.next

Alistair

> ---
> Changes in v3:
> - Rebase on top of https://github.com/alistair23/qemu/tree/riscv-to-apply.next
>
> Changes in v2:
> - Handle napot and pbmt exception
>
>  target/riscv/cpu_bits.h   |  1 +
>  target/riscv/cpu_helper.c | 15 +++++++++++----
>  2 files changed, 12 insertions(+), 4 deletions(-)
>
> diff --git a/target/riscv/cpu_bits.h b/target/riscv/cpu_bits.h
> index fb63b8e125..59f0ffd9e1 100644
> --- a/target/riscv/cpu_bits.h
> +++ b/target/riscv/cpu_bits.h
> @@ -644,6 +644,7 @@ typedef enum {
>  #define PTE_SOFT            0x300 /* Reserved for Software */
>  #define PTE_PBMT            0x6000000000000000ULL /* Page-based memory types */
>  #define PTE_N               0x8000000000000000ULL /* NAPOT translation */
> +#define PTE_RESERVED        0x1FC0000000000000ULL /* Reserved bits */
>  #define PTE_ATTR            (PTE_N | PTE_PBMT) /* All attributes bits */
>
>  /* Page table PPN shift amount */
> diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c
> index b68dcfe7b6..57d04385f1 100644
> --- a/target/riscv/cpu_helper.c
> +++ b/target/riscv/cpu_helper.c
> @@ -927,13 +927,20 @@ restart:
>
>          if (riscv_cpu_sxl(env) == MXL_RV32) {
>              ppn = pte >> PTE_PPN_SHIFT;
> -        } else if (pbmte || riscv_cpu_cfg(env)->ext_svnapot) {
> -            ppn = (pte & (target_ulong)PTE_PPN_MASK) >> PTE_PPN_SHIFT;
>          } else {
> -            ppn = pte >> PTE_PPN_SHIFT;
> -            if ((pte & ~(target_ulong)PTE_PPN_MASK) >> PTE_PPN_SHIFT) {
> +            if (pte & PTE_RESERVED) {
> +                return TRANSLATE_FAIL;
> +            }
> +
> +            if (!pbmte && (pte & PTE_PBMT)) {
>                  return TRANSLATE_FAIL;
>              }
> +
> +            if (!riscv_cpu_cfg(env)->ext_svnapot && (pte & PTE_N)) {
> +                return TRANSLATE_FAIL;
> +            }
> +
> +            ppn = (pte & (target_ulong)PTE_PPN_MASK) >> PTE_PPN_SHIFT;
>          }
>
>          if (!(pte & PTE_V)) {
> --
> 2.37.2
>
>

Patchew 2.1-devel-0870f84

© 2016 - 2024 Red Hat, Inc.