[Stable-8.1.4 13/31] target/riscv/cpu_helper.c: Fix mxr bit behavior
From: Michael Tokarev
Subject: [Stable-8.1.4 13/31] target/riscv/cpu_helper.c: Fix mxr bit behavior
Date: Tue, 12 Dec 2023 15:18:01 +0300
From: Ivan Klokov <ivan.klokov@syntacore.com>
According to RISCV Specification sect 9.5 on two stage translation when
V=1 the vsstatus(mstatus in QEMU's terms) field MXR, which makes
execute-only pages readable, only overrides VS-stage page protection.
Setting MXR at HS-level(mstatus_hs), however, overrides both VS-stage
and G-stage execute-only permissions.
The hypervisor extension changes the behavior of MXR\MPV\MPRV bits.
Due to RISCV Specification sect. 9.4.1 when MPRV=1, explicit memory
accesses are translated and protected, and endianness is applied, as
though the current virtualization mode were set to MPV and the current
nominal privilege mode were set to MPP. vsstatus.MXR makes readable
those pages marked executable at the VS translation stage.
Fixes: 36a18664ba ("target/riscv: Implement second stage MMU")
Signed-off-by: Ivan Klokov <ivan.klokov@syntacore.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com>
Message-ID: <20231121071757.7178-3-ivan.klokov@syntacore.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
(cherry picked from commit 6bca4d7d1ff2b8857486c3ff31f5c6fc3e3984b4)
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c
index 3c482f9fd4..ce10d722f1 100644
--- a/target/riscv/cpu_helper.c
+++ b/target/riscv/cpu_helper.c
@@ -989,13 +989,29 @@ restart:
prot |= PAGE_WRITE;
}
if (pte & PTE_X) {
- bool mxr;
+ bool mxr = false;
- if (first_stage == true) {
+ /*
+ * Use mstatus for first stage or for the second stage without
+ * virt_enabled (MPRV+MPV)
+ */
+ if (first_stage || !env->virt_enabled) {
mxr = get_field(env->mstatus, MSTATUS_MXR);
- } else {
- mxr = get_field(env->vsstatus, MSTATUS_MXR);
}
+
+ /* MPRV+MPV case, check VSSTATUS */
+ if (first_stage && two_stage && !env->virt_enabled) {
+ mxr |= get_field(env->vsstatus, MSTATUS_MXR);
+ }
+
+ /*
+ * Setting MXR at HS-level overrides both VS-stage and G-stage
+ * execute-only permissions
+ */
+ if (env->virt_enabled) {
+ mxr |= get_field(env->mstatus_hs, MSTATUS_MXR);
+ }
+
if (mxr) {
prot |= PAGE_READ;
}
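Review bot: The comment above `if (first_stage || !env->virt_enabled)` does not say which architectural register `env->mstatus` holds in each case, which makes the three overlapping `if` blocks hard to check against the spec text quoted in the commit message. Going by that message, with V=1 `env->mstatus` carries vsstatus and the HS-level value is in `env->mstatus_hs`, while the second block reads `env->vsstatus` directly only when `virt_enabled` is clear. Consider branching on `env->virt_enabled` first so that each arm names its MXR sources explicitly. Also, in the second block "MPRV+MPV" exists only in the comment: the condition tests `first_stage && two_stage && !env->virt_enabled`, so any caller that reaches this point with that combination picks up `vsstatus.MXR` as well, and the comment should either list those callers or the condition should check the MPRV/MPV state. Because a set `mxr` adds `PAGE_READ` to execute-only pages, a test that walks the first_stage/two_stage/virt_enabled combinations and asserts the resulting `prot` would be worth adding alongside this change.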
--
2.39.2