From nobody Mon Feb  9 09:34:21 2026
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of redhat.com designates
 216.205.24.124 as permitted sender) client-ip=216.205.24.124;
 envelope-from=philmd@redhat.com; helo=us-smtp-delivery-124.mimecast.com;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as
 permitted sender)  smtp.mailfrom=philmd@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1629736946; cv=none;
	d=zohomail.com; s=zohoarc;
	b=Bik+PPWZw4N1J2uLvjIpyBm8Cp5YPcg64YtocUI1adhfA81UWQby9ipf5QHBv4o6ED1S4cBCC88Lxw1hHax3U4wjYPugVaBHR3r+Q7660jfCf69WHwIZmV54YGSikJz4RBZuJhOT4dY0gZSZR7iN/Y3GsPgoYFX3OfR5MxRrmQI=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1629736946;
 h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:MIME-Version:Message-ID:References:Subject:To;
	bh=U6o7mUiS+x+yoYgYKCe3zRTvEmO9Jt50OpWWKAuJ49Y=;
	b=bCsZbIVsIT/zWM0+qnJIBiLchqC9G/MxYe7q/BjGVWwJRUFXCw8wYfXE4EMaNvLWf3MvdwAedWHyHcr2X/HGQAhh61Ni/aAcRT2V+b+wui4yldY8Vj1oueECFbGs7K3eh8vj67nyEVZZvwm2qV89CO+szAzUrtILti6yaVIKroE=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as
 permitted sender)  smtp.mailfrom=philmd@redhat.com;
	dmarc=pass header.from=<philmd@redhat.com> (p=none dis=none)
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [216.205.24.124]) by mx.zohomail.com
	with SMTPS id 1629736945998198.14170421745575;
 Mon, 23 Aug 2021 09:42:25 -0700 (PDT)
Received: from mail-wm1-f69.google.com (mail-wm1-f69.google.com
 [209.85.128.69]) (Using TLS) by relay.mimecast.com with ESMTP id
 us-mta-583-VuCVScu5OK6c0QevYYpfCA-1; Mon, 23 Aug 2021 12:42:23 -0400
Received: by mail-wm1-f69.google.com with SMTP id
 o20-20020a05600c379400b002e755735eedso207670wmr.0
        for <importer@patchew.org>; Mon, 23 Aug 2021 09:42:23 -0700 (PDT)
Return-Path: <philmd@redhat.com>
Return-Path: <philmd@redhat.com>
Received: from x1w.. (163.red-83-52-55.dynamicip.rima-tde.net. [83.52.55.163])
        by smtp.gmail.com with ESMTPSA id
 s16sm8505653wrw.44.2021.08.23.09.42.21
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Mon, 23 Aug 2021 09:42:21 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1629736944;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=U6o7mUiS+x+yoYgYKCe3zRTvEmO9Jt50OpWWKAuJ49Y=;
	b=PCGBpfpFaZLjYasU8P5D1Q+PzXu937UUu46siQYfyNn9ReyHMrp6FZArgH1c0PPcS/eZD8
	riJXLViy3LbYIXSuwWpZWl1GMSqjpfIjtQmvUctFHEHZtydeMOIytXt5kwqCJl4BBEQGq2
	fFjY3MoBGTGgYd3a5NeSxQu2jw0cSZA=
X-MC-Unique: VuCVScu5OK6c0QevYYpfCA-1
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=U6o7mUiS+x+yoYgYKCe3zRTvEmO9Jt50OpWWKAuJ49Y=;
        b=bnGJvtbWdRbaOZrOBWVEmWT5ADJjnWJkoh/7qXv9NhqBgbyZ1lyoO3qLypx3bbdPE0
         jqsWMKH5ETcw2WVDj+GJPgoHz0DyY4+bOnsO26nw1L9Qtyr2OSZgGgxPMKKDmNlsHbr3
         52A+3dW+V4klojF/zDpNMRUPjvVkAkfppcJtMJ1PMF7x23y6shMwV3g1tZ1dgoiJfziN
         5Lutc+5KJxfv0l8ZlIlBiudpGR+4uRtDWb1FMicQYmQ2D5WCnRafOiuOCY8gpZ10ljc3
         czR4NHHbzCw5MWIWn8M/IYSVqDTuOXIWkVIOKMT2QHaMRnFZawcbYCP9tOEFk/J2sBoX
         uU4A==
X-Gm-Message-State: AOAM530gOFhPPLQyhkWtU2mlFnoFg3jaeqiPc+NLfQ/GUGH8yzoqlvfy
	j6AFMCxWYf1VEsPMODQVMLi8jEgbMhakHog9QU/pC92rHeyDkN5SghsxP3iKMQPF343IMYLQTbm
	0eq34nNT7BsHVDg==
X-Received: by 2002:a05:600c:241:: with SMTP id
 1mr11269903wmj.93.1629736942290;
        Mon, 23 Aug 2021 09:42:22 -0700 (PDT)
X-Google-Smtp-Source: 
 ABdhPJxK8E4wJeqKC1vHJvRWr2gaLqg/4qrJHs8pGEpSWPboeu5B5479K8sbltqGJ0DurBZf1G/EaQ==
X-Received: by 2002:a05:600c:241:: with SMTP id
 1mr11269882wmj.93.1629736942128;
        Mon, 23 Aug 2021 09:42:22 -0700 (PDT)
From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
To: qemu-devel@nongnu.org
Cc: Alexander Bulekov <alxndr@bu.edu>,
	David Hildenbrand <david@redhat.com>,
	"Edgar E . Iglesias" <edgar.iglesias@gmail.com>,
	Peter Maydell <peter.maydell@linaro.org>,
	Stefan Hajnoczi <stefanha@redhat.com>,
	Jason Wang <jasowang@redhat.com>,
	qemu-arm@nongnu.org,
	Qiuhao Li <Qiuhao.Li@outlook.com>,
	Peter Xu <peterx@redhat.com>,
	Li Qiang <liq3ea@gmail.com>,
	Paolo Bonzini <pbonzini@redhat.com>,
	Gerd Hoffmann <kraxel@redhat.com>,
	=?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
Subject: [RFC PATCH v2 5/5] softmmu/physmem: Have flaview API check
 MemTxAttrs::bus_perm field
Date: Mon, 23 Aug 2021 18:41:57 +0200
Message-Id: <20210823164157.751807-6-philmd@redhat.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20210823164157.751807-1-philmd@redhat.com>
References: <20210823164157.751807-1-philmd@redhat.com>
MIME-Version: 1.0
Authentication-Results: relay.mimecast.com;
	auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=philmd@redhat.com
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1629736947157100001

Check bus permission in flatview_access_allowed() before
running any bus transaction.

There is not change for the default case (MEMTXPERM_UNSPECIFIED).

The MEMTXPERM_UNRESTRICTED case works as an allow list. Devices
using it won't be checked by flatview_access_allowed().

The only deny list equivalent is MEMTXPERM_RAM_DEVICE: devices
using this flag will reject transactions and set the optional
MemTxResult to MEMTX_BUS_ERROR.

Signed-off-by: Philippe Mathieu-Daud=C3=A9 <philmd@redhat.com>
---
 softmmu/physmem.c | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

diff --git a/softmmu/physmem.c b/softmmu/physmem.c
index 0d31a2f4199..329542dba75 100644
--- a/softmmu/physmem.c
+++ b/softmmu/physmem.c
@@ -2772,7 +2772,22 @@ static inline bool flatview_access_allowed(MemoryReg=
ion *mr, MemTxAttrs attrs,
                                            hwaddr addr, hwaddr len,
                                            MemTxResult *result)
 {
-    return true;
+    if (unlikely(attrs.bus_perm =3D=3D MEMTXPERM_RAM_DEVICE)) {
+        if (memory_region_is_ram(mr) || memory_region_is_ram_device(mr)) {
+            return true;
+        }
+        qemu_log_mask(LOG_GUEST_ERROR,
+                      "Invalid access to non-RAM device at "
+                      "addr 0x%" HWADDR_PRIX ", size %" HWADDR_PRIu ", "
+                      "region '%s'\n", addr, len, memory_region_name(mr));
+        if (result) {
+            *result |=3D MEMTX_BUS_ERROR;
+        }
+        return false;
+    } else {
+        /* MEMTXPERM_UNRESTRICTED and MEMTXPERM_UNSPECIFIED cases */
+        return true;
+    }
 }
=20
 /* Called within RCU critical section.  */
--=20
2.31.1