[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH v2 2/5] [RISCV_PM] Support CSRs required for RISC-V PM extens
|
From: |
Richard Henderson |
|
Subject: |
Re: [PATCH v2 2/5] [RISCV_PM] Support CSRs required for RISC-V PM extension except for ones in hypervisor mode |
|
Date: |
Thu, 15 Oct 2020 09:48:15 -0700 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0 |
On 10/15/20 8:21 AM, Alexey Baturo wrote:
> +/* Functions to access Pointer Masking feature registers
> + * We have to check if current priv lvl could modify
> + * csr in given mode
> + */
> +static int check_pm_current_disabled(CPURISCVState *env, int csrno)
> +{
> + /* m-mode is always allowed to modify registers, so allow */
> + if (env->priv == PRV_M) {
> + return 0;
> + }
> + int csr_priv = get_field(csrno, 0xC00);
> + /* If priv lvls differ that means we're accessing csr from higher priv
> lvl, so allow */
> + if (env->priv != csr_priv) {
> + return 0;
> + }
> + int cur_bit_pos = (env->priv == PRV_U) ? U_PM_CURRENT :
> + (env->priv == PRV_S) ? S_PM_CURRENT : -1;
> + assert(cur_bit_pos != -1);
This is a bit clumsy. I suggest
int cur_bit_pos;
switch (env->priv) {
case PRV_M:
return 0;
case PRV_S:
cur_bit_pos = S_PM_CURRENT;
break;
case PRV_U:
cur_bit_pos = U_PM_CURRENT;
break;
default:
g_assert_not_reached();
}
> +static int read_mmte(CPURISCVState *env, int csrno, target_ulong *val)
> +{
> +#if !defined(CONFIG_USER_ONLY)
> + if (!riscv_has_ext(env, RVJ)) {
> + *val = 0;
> + return 0;
> + }
> +#endif
This ifdef is wrong. CONFIG_USER_ONLY doesn't have anything to do with what
features the cpu supports. Nor can it be correct. If you try to read this on
current hardware, without J, then you get an exception not zero.
I would have expected this check would actually go into the csr predicate
function.
> + *val = env->mmte & MMTE_MASK;
Surely you don't need MMTE_MASK here because you used it when writing.
That said, don't you also need to mask vs the current priv level? There's
language in your doc that says "XS bits are available in..." and "PM bits are
available in...".
I'll also note that it says "by default only higher priv code can set the value
for PM bits", while surely it's a security bug for lower priv code to read
anything related to a higher priv.
> + target_ulong wpri_val = val & SMTE_MASK;
> + assert(val == wpri_val);
Incorrect assert. This value is under guest control. Do not crash qemu
because the guest is doing silly things. Raise an exception if you like, and
perhaps qemu_log_mask with LOG_GUEST_ERROR.
> + if (check_pm_current_disabled(env, csrno))
> + return 0;
Missing braces.
r~
[PATCH v2 3/5] [RISCV_PM] Print new PM CSRs in QEMU logs, Alexey Baturo, 2020/10/15
[PATCH v2 4/5] [RISCV_PM] Support pointer masking for RISC-V for i/c/f/d/a types of instructions, Alexey Baturo, 2020/10/15
[PATCH v2 5/5] [RISCV_PM] Implement address masking functions required for RISC-V Pointer Masking extension, Alexey Baturo, 2020/10/15