[PATCH 30/47] target-i386: mmu: fix handling of noncanonical virtual add

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH 30/47] target-i386: mmu: fix handling of noncanonical virtual add

From:	Michael Roth
Subject:	[PATCH 30/47] target-i386: mmu: fix handling of noncanonical virtual addresses
Date:	Tue, 14 Dec 2021 18:01:08 -0600

From: Paolo Bonzini <pbonzini@redhat.com>

mmu_translate is supposed to return an error code for page faults; it is
not able to handle other exceptions.  The #GP case for noncanonical
virtual addresses is not handled correctly, and incorrectly raised as
a page fault with error code 1.  Since it cannot happen for nested
page tables, move it directly to handle_mmu_fault, even before the
invocation of mmu_translate.

Fixes: #676
Fixes: 661ff4879e ("target/i386: extract mmu_translate", 2021-05-11)
Cc: qemu-stable@nongnu.org
Tested-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
(cherry picked from commit b04dc92e013d55c9ac8082caefff45dcfb1310e7)
Signed-off-by: Michael Roth <michael.roth@amd.com>
---
 target/i386/tcg/sysemu/excp_helper.c | 21 ++++++++++++---------
 1 file changed, 12 insertions(+), 9 deletions(-)

diff --git a/target/i386/tcg/sysemu/excp_helper.c 
b/target/i386/tcg/sysemu/excp_helper.c
index 2dea4a248e..9fb59058ef 100644
--- a/target/i386/tcg/sysemu/excp_helper.c
+++ b/target/i386/tcg/sysemu/excp_helper.c
@@ -94,15 +94,6 @@ static int mmu_translate(CPUState *cs, hwaddr addr, 
MMUTranslateFunc get_hphys_f
             bool la57 = pg_mode & PG_MODE_LA57;
             uint64_t pml5e_addr, pml5e;
             uint64_t pml4e_addr, pml4e;
-            int32_t sext;
-
-            /* test virtual address sign extension */
-            sext = la57 ? (int64_t)addr >> 56 : (int64_t)addr >> 47;
-            if (get_hphys_func && sext != 0 && sext != -1) {
-                env->error_code = 0;
-                cs->exception_index = EXCP0D_GPF;
-                return 1;
-            }
 
             if (la57) {
                 pml5e_addr = ((cr3 & ~0xfff) +
@@ -423,6 +414,18 @@ static int handle_mmu_fault(CPUState *cs, vaddr addr, int 
size,
         page_size = 4096;
     } else {
         pg_mode = get_pg_mode(env);
+        if (pg_mode & PG_MODE_LMA) {
+            int32_t sext;
+
+            /* test virtual address sign extension */
+            sext = (int64_t)addr >> (pg_mode & PG_MODE_LA57 ? 56 : 47);
+            if (sext != 0 && sext != -1) {
+                env->error_code = 0;
+                cs->exception_index = EXCP0D_GPF;
+                return 1;
+            }
+        }
+
         error_code = mmu_translate(cs, addr, get_hphys, env->cr[3], is_write1,
                                    mmu_idx, pg_mode,
                                    &paddr, &page_size, &prot);
-- 
2.25.1

[Prev in Thread]

Current Thread

[Next in Thread]

[PATCH 01/47] virtio-balloon: don't start free page hinting if postcopy is possible, (continued)
- [PATCH 01/47] virtio-balloon: don't start free page hinting if postcopy is possible, Michael Roth, 2021/12/14
- [PATCH 21/47] bios-tables-test: Update ACPI DSDT table golden blobs for q35, Michael Roth, 2021/12/14
- [PATCH 22/47] block: introduce max_hw_iov for use in scsi-generic, Michael Roth, 2021/12/14
- [PATCH 23/47] pci: fix PCI resource reserve capability on BE, Michael Roth, 2021/12/14
- [PATCH 24/47] tests/acpi/bios-tables-test: add and allow changes to a new q35 DSDT table blob, Michael Roth, 2021/12/14
- [PATCH 25/47] tests/acpi/pcihp: add unit tests for hotplug on multifunction bridges for q35, Michael Roth, 2021/12/14
- [PATCH 26/47] tests/acpi/bios-tables-test: update DSDT blob for multifunction bridge test, Michael Roth, 2021/12/14
- [PATCH 27/47] block/file-posix: Fix return value translation for AIO discards, Michael Roth, 2021/12/14
- [PATCH 28/47] Partially revert "build: -no-pie is no functional linker flag", Michael Roth, 2021/12/14
- [PATCH 29/47] target-i386: mmu: use pg_mode instead of HF_LMA_MASK, Michael Roth, 2021/12/14
- [PATCH 30/47] target-i386: mmu: fix handling of noncanonical virtual addresses, Michael Roth <=
- [PATCH 02/47] target/arm: Don't skip M-profile reset entirely in user mode, Michael Roth, 2021/12/14
- [PATCH 31/47] hw/scsi/scsi-disk: MODE_PAGE_ALLS not allowed in MODE SELECT commands, Michael Roth, 2021/12/14
- [PATCH 32/47] hw: m68k: virt: Add compat machine for 6.1, Michael Roth, 2021/12/14
- [PATCH 33/47] rcu: Introduce force_rcu notifier, Michael Roth, 2021/12/14
- [PATCH 34/47] accel/tcg: Register a force_rcu notifier, Michael Roth, 2021/12/14
- [PATCH 35/47] pcie: rename 'native-hotplug' to 'x-native-hotplug', Michael Roth, 2021/12/14
- [PATCH 36/47] virtio: use virtio accessor to access packed descriptor flags, Michael Roth, 2021/12/14
- [PATCH 37/47] virtio: use virtio accessor to access packed event, Michael Roth, 2021/12/14
- [PATCH 38/47] vfio: Fix memory leak of hostwin, Michael Roth, 2021/12/14
- [PATCH 39/47] nbd/server: Don't complain on certain client disconnects, Michael Roth, 2021/12/14

Prev by Date: [PATCH 29/47] target-i386: mmu: use pg_mode instead of HF_LMA_MASK
Next by Date: [PATCH 02/47] target/arm: Don't skip M-profile reset entirely in user mode
Previous by thread: [PATCH 29/47] target-i386: mmu: use pg_mode instead of HF_LMA_MASK
Next by thread: [PATCH 02/47] target/arm: Don't skip M-profile reset entirely in user mode
Index(es):
- Date
- Thread