diff options
| author | Richard Henderson <richard.henderson@linaro.org> | 2023-04-12 13:43:33 +0200 |
|---|---|---|
| committer | Alistair Francis <alistair.francis@wdc.com> | 2023-05-05 10:49:50 +1000 |
| commit | 38303e8a2cfca62e9073014138a5e10f711459ee (patch) | |
| tree | 91de94d6bbe095bc3e4a0b4cfd5d65a7b59d542e /target | |
| parent | e1dd15076bd8b38ed93cd8fc421f3ba8527af40d (diff) | |
| download | qemu-38303e8a2cfca62e9073014138a5e10f711459ee.zip qemu-38303e8a2cfca62e9073014138a5e10f711459ee.tar.gz qemu-38303e8a2cfca62e9073014138a5e10f711459ee.tar.bz2 | |
target/riscv: Reorg sum check in get_physical_address
Implement this by adjusting prot, which reduces the set of
checks required. This prevents exec to be set for U pages
in MMUIdx_S_SUM. While it had been technically incorrect,
it did not manifest as a bug, because we will never attempt
to execute from MMUIdx_S_SUM.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Weiwei Li <liweiwei@iscas.ac.cn>
Tested-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com>
Message-Id: <20230325105429.1142530-26-richard.henderson@linaro.org>
Message-Id: <20230412114333.118895-26-richard.henderson@linaro.org>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Diffstat (limited to 'target')
| -rw-r--r-- | target/riscv/cpu_helper.c | 22 |
1 files changed, 11 insertions, 11 deletions
diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c index 7849e18..32a65f8 100644 --- a/target/riscv/cpu_helper.c +++ b/target/riscv/cpu_helper.c @@ -786,7 +786,7 @@ static int get_physical_address(CPURISCVState *env, hwaddr *physical, *ret_prot = 0; hwaddr base; - int levels, ptidxbits, ptesize, vm, sum, widened; + int levels, ptidxbits, ptesize, vm, widened; if (first_stage == true) { if (use_background) { @@ -817,7 +817,7 @@ static int get_physical_address(CPURISCVState *env, hwaddr *physical, } widened = 2; } - sum = mmuidx_sum(mmu_idx); + switch (vm) { case VM_1_10_SV32: levels = 2; ptidxbits = 10; ptesize = 4; break; @@ -985,15 +985,15 @@ restart: prot |= PAGE_EXEC; } - if ((pte & PTE_U) && - ((mode != PRV_U) && (!sum || access_type == MMU_INST_FETCH))) { - /* - * User PTE flags when not U mode and mstatus.SUM is not set, - * or the access type is an instruction fetch. - */ - return TRANSLATE_FAIL; - } - if (!(pte & PTE_U) && (mode != PRV_S)) { + if (pte & PTE_U) { + if (mode != PRV_U) { + if (!mmuidx_sum(mmu_idx)) { + return TRANSLATE_FAIL; + } + /* SUM allows only read+write, not execute. */ + prot &= PAGE_READ | PAGE_WRITE; + } + } else if (mode != PRV_S) { /* Supervisor PTE flags when not S mode */ return TRANSLATE_FAIL; } |