target/riscv/cpu_helper.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)
We found that the hypervisor virtual-machine load and store instructions,
included HLVX/HLV/HSV, couldn't access guest userspace memory.
In the riscv-privileged spec, HLVX/HLV/HSV is defined as follow:
"As usual when V=1, two-stage address translation is applied, and
the HS-level sstatus.SUM is ignored."
But get_physical_address() doesn't ignore sstatus.SUM, when HLVX/HLV/HSV
accesses guest userspace memory. So this patch fixes it.
Signed-off-by: Yifei Jiang <jiangyifei@huawei.com>
Signed-off-by: Yipeng Yin <yinyipeng1@huawei.com>
---
target/riscv/cpu_helper.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c
index a2787b1d48..7274f971a4 100644
--- a/target/riscv/cpu_helper.c
+++ b/target/riscv/cpu_helper.c
@@ -367,7 +367,8 @@ static int get_physical_address(CPURISCVState *env, hwaddr *physical,
vm = get_field(env->hgatp, HGATP_MODE);
widened = 2;
}
- sum = get_field(env->mstatus, MSTATUS_SUM);
+ /* status.SUM will be ignored if execute on background */
+ sum = get_field(env->mstatus, MSTATUS_SUM) || use_background;
switch (vm) {
case VM_1_10_SV32:
levels = 2; ptidxbits = 10; ptesize = 4; break;
--
2.19.1
On Sun, Nov 29, 2020 at 5:37 PM Yifei Jiang <jiangyifei@huawei.com> wrote: > > We found that the hypervisor virtual-machine load and store instructions, > included HLVX/HLV/HSV, couldn't access guest userspace memory. > > In the riscv-privileged spec, HLVX/HLV/HSV is defined as follow: > "As usual when V=1, two-stage address translation is applied, and > the HS-level sstatus.SUM is ignored." > > But get_physical_address() doesn't ignore sstatus.SUM, when HLVX/HLV/HSV > accesses guest userspace memory. So this patch fixes it. > > Signed-off-by: Yifei Jiang <jiangyifei@huawei.com> > Signed-off-by: Yipeng Yin <yinyipeng1@huawei.com> Thanks! Applied to riscv-to-apply.next Alistair > --- > target/riscv/cpu_helper.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c > index a2787b1d48..7274f971a4 100644 > --- a/target/riscv/cpu_helper.c > +++ b/target/riscv/cpu_helper.c > @@ -367,7 +367,8 @@ static int get_physical_address(CPURISCVState *env, hwaddr *physical, > vm = get_field(env->hgatp, HGATP_MODE); > widened = 2; > } > - sum = get_field(env->mstatus, MSTATUS_SUM); > + /* status.SUM will be ignored if execute on background */ > + sum = get_field(env->mstatus, MSTATUS_SUM) || use_background; > switch (vm) { > case VM_1_10_SV32: > levels = 2; ptidxbits = 10; ptesize = 4; break; > -- > 2.19.1 > >
On Sun, Nov 29, 2020 at 5:37 PM Yifei Jiang <jiangyifei@huawei.com> wrote: > > We found that the hypervisor virtual-machine load and store instructions, > included HLVX/HLV/HSV, couldn't access guest userspace memory. > > In the riscv-privileged spec, HLVX/HLV/HSV is defined as follow: > "As usual when V=1, two-stage address translation is applied, and > the HS-level sstatus.SUM is ignored." > > But get_physical_address() doesn't ignore sstatus.SUM, when HLVX/HLV/HSV > accesses guest userspace memory. So this patch fixes it. > > Signed-off-by: Yifei Jiang <jiangyifei@huawei.com> > Signed-off-by: Yipeng Yin <yinyipeng1@huawei.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Alistair > --- > target/riscv/cpu_helper.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c > index a2787b1d48..7274f971a4 100644 > --- a/target/riscv/cpu_helper.c > +++ b/target/riscv/cpu_helper.c > @@ -367,7 +367,8 @@ static int get_physical_address(CPURISCVState *env, hwaddr *physical, > vm = get_field(env->hgatp, HGATP_MODE); > widened = 2; > } > - sum = get_field(env->mstatus, MSTATUS_SUM); > + /* status.SUM will be ignored if execute on background */ > + sum = get_field(env->mstatus, MSTATUS_SUM) || use_background; > switch (vm) { > case VM_1_10_SV32: > levels = 2; ptidxbits = 10; ptesize = 4; break; > -- > 2.19.1 > >
© 2016 - 2024 Red Hat, Inc.