qemu-ppc
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-ppc] [PATCH 39/45] mmu-hash64: Factor SLB N bit into permissions b

From: David Gibson
Subject: [Qemu-ppc] [PATCH 39/45] mmu-hash64: Factor SLB N bit into permissions bits
Date: Wed, 6 Mar 2013 14:44:27 +1100 
BEHAVIOUR CHANGE

Currently, for 64-bit hash mmu, the execute protection bit placed into the
qemu tlb is based only on the N (No execute) bit from the PTE.  However,
No Execute can also be set at the segment level.  We do check this on
execute faults, but this still means we could incorrectly allow execution
of code from a No Execute segment, if a prior read or write fault caused
the page to be loaded into the qemu tlb with PROT_EXEC set.

To correct this, we (re-)check the segment level no execute permission when
generating the protection bits for the qemu tlb.

Signed-off-by: David Gibson <address@hidden>
---
 target-ppc/mmu-hash64.c |    3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/target-ppc/mmu-hash64.c b/target-ppc/mmu-hash64.c
index 1458f15..5607ce8 100644
--- a/target-ppc/mmu-hash64.c
+++ b/target-ppc/mmu-hash64.c
@@ -272,7 +272,8 @@ static int ppc_hash64_pte_prot(CPUPPCState *env,
     }
 
     /* No execute if either noexec or guarded bits set */
-    if (!(pte.pte1 & HPTE64_R_N) || (pte.pte1 & HPTE64_R_G)) {
+    if (!(pte.pte1 & HPTE64_R_N) || (pte.pte1 & HPTE64_R_G)
+        || (slb->vsid & SLB_VSID_N)) {
         prot |= PAGE_EXEC;
     }
 
-- 
1.7.10.4
reply via email to
[Prev in Thread] Current Thread [Next in Thread]