[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Stable-8.2.3 46/87] target/hppa: fix access_id check
From: |
Michael Tokarev |
Subject: |
[Stable-8.2.3 46/87] target/hppa: fix access_id check |
Date: |
Wed, 10 Apr 2024 10:22:19 +0300 |
From: Sven Schnelle <svens@stackframe.org>
PA2.0 provides 8 instead of 4 PID registers.
Signed-off-by: Sven Schnelle <svens@stackframe.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20240319161921.487080-4-svens@stackframe.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
(cherry picked from commit ae157fc25053917830c3b581bc282f906e6d95d3)
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
diff --git a/target/hppa/mem_helper.c b/target/hppa/mem_helper.c
index 4fcc612754..3a34c4f748 100644
--- a/target/hppa/mem_helper.c
+++ b/target/hppa/mem_helper.c
@@ -152,6 +152,49 @@ static HPPATLBEntry *hppa_alloc_tlb_ent(CPUHPPAState *env)
return ent;
}
+#define ACCESS_ID_MASK 0xffff
+
+/* Return the set of protections allowed by a PID match. */
+static int match_prot_id_1(uint32_t access_id, uint32_t prot_id)
+{
+ if (((access_id ^ (prot_id >> 1)) & ACCESS_ID_MASK) == 0) {
+ return (prot_id & 1
+ ? PAGE_EXEC | PAGE_READ
+ : PAGE_EXEC | PAGE_READ | PAGE_WRITE);
+ }
+ return 0;
+}
+
+static int match_prot_id32(CPUHPPAState *env, uint32_t access_id)
+{
+ int r, i;
+
+ for (i = CR_PID1; i <= CR_PID4; ++i) {
+ r = match_prot_id_1(access_id, env->cr[i]);
+ if (r) {
+ return r;
+ }
+ }
+ return 0;
+}
+
+static int match_prot_id64(CPUHPPAState *env, uint32_t access_id)
+{
+ int r, i;
+
+ for (i = CR_PID1; i <= CR_PID4; ++i) {
+ r = match_prot_id_1(access_id, env->cr[i]);
+ if (r) {
+ return r;
+ }
+ r = match_prot_id_1(access_id, env->cr[i] >> 32);
+ if (r) {
+ return r;
+ }
+ }
+ return 0;
+}
+
int hppa_get_physical_address(CPUHPPAState *env, vaddr addr, int mmu_idx,
int type, hwaddr *pphys, int *pprot,
HPPATLBEntry **tlb_entry)
@@ -224,29 +267,30 @@ int hppa_get_physical_address(CPUHPPAState *env, vaddr
addr, int mmu_idx,
break;
}
+ /*
+ * No guest access type indicates a non-architectural access from
+ * within QEMU. Bypass checks for access, D, B, P and T bits.
+ */
+ if (type == 0) {
+ goto egress;
+ }
+
/* access_id == 0 means public page and no check is performed */
if (ent->access_id && MMU_IDX_TO_P(mmu_idx)) {
- /* If bits [31:1] match, and bit 0 is set, suppress write. */
- int match = ent->access_id * 2 + 1;
-
- if (match == env->cr[CR_PID1] || match == env->cr[CR_PID2] ||
- match == env->cr[CR_PID3] || match == env->cr[CR_PID4]) {
- prot &= PAGE_READ | PAGE_EXEC;
- if (type == PAGE_WRITE) {
- ret = EXCP_DMPI;
- goto egress;
- }
+ int access_prot = (hppa_is_pa20(env)
+ ? match_prot_id64(env, ent->access_id)
+ : match_prot_id32(env, ent->access_id));
+ if (unlikely(!(type & access_prot))) {
+ /* Not allowed -- Inst/Data Memory Protection Id Fault. */
+ ret = type & PAGE_EXEC ? EXCP_IMP : EXCP_DMPI;
+ goto egress;
}
- }
-
- /* No guest access type indicates a non-architectural access from
- within QEMU. Bypass checks for access, D, B and T bits. */
- if (type == 0) {
- goto egress;
+ /* Otherwise exclude permissions not allowed (i.e WD). */
+ prot &= access_prot;
}
if (unlikely(!(prot & type))) {
- /* The access isn't allowed -- Inst/Data Memory Protection Fault. */
+ /* Not allowed -- Inst/Data Memory Access Rights Fault. */
ret = (type & PAGE_EXEC) ? EXCP_IMP : EXCP_DMAR;
goto egress;
}
--
2.39.2
- [Stable-8.2.3 34/87] tests/unit: Bump test-replication timeout to 60 seconds, (continued)
- [Stable-8.2.3 34/87] tests/unit: Bump test-replication timeout to 60 seconds, Michael Tokarev, 2024/04/10
- [Stable-8.2.3 36/87] target/i386: use separate MMU indexes for 32-bit accesses, Michael Tokarev, 2024/04/10
- [Stable-8.2.3 35/87] target/i386: introduce function to query MMU indices, Michael Tokarev, 2024/04/10
- [Stable-8.2.3 33/87] tests/unit: Bump test-crypto-block test timeout to 5 minutes, Michael Tokarev, 2024/04/10
- [Stable-8.2.3 38/87] Revert "chardev/char-socket: Fix TLS io channels sending too much data to the backend", Michael Tokarev, 2024/04/10
- [Stable-8.2.3 39/87] ui: compile dbus-display1.c with -fPIC as necessary, Michael Tokarev, 2024/04/10
- [Stable-8.2.3 42/87] target/hppa: Fix assemble_11a insns for wide mode, Michael Tokarev, 2024/04/10
- [Stable-8.2.3 41/87] target/hppa: Fix assemble_16 insns for wide mode, Michael Tokarev, 2024/04/10
- [Stable-8.2.3 40/87] target/i386: Revert monitor_puts() in do_inject_x86_mce(), Michael Tokarev, 2024/04/10
- [Stable-8.2.3 44/87] target/hppa: ldcw,s uses static shift of 3, Michael Tokarev, 2024/04/10
- [Stable-8.2.3 46/87] target/hppa: fix access_id check,
Michael Tokarev <=
- [Stable-8.2.3 45/87] target/hppa: fix shrp for wide mode, Michael Tokarev, 2024/04/10
- [Stable-8.2.3 47/87] target/hppa: exit tb on flush cache instructions, Michael Tokarev, 2024/04/10
- [Stable-8.2.3 43/87] target/hppa: Fix assemble_12a insns for wide mode, Michael Tokarev, 2024/04/10
- [Stable-8.2.3 48/87] target/hppa: mask privilege bits in mfia, Michael Tokarev, 2024/04/10
- [Stable-8.2.3 50/87] target/loongarch: Fix qemu-loongarch64 hang when executing 'll.d $t0, $t0, 0', Michael Tokarev, 2024/04/10
- [Stable-8.2.3 49/87] target/hppa: fix do_stdby_e(), Michael Tokarev, 2024/04/10
- [Stable-8.2.3 51/87] docs/conf.py: Remove usage of distutils, Michael Tokarev, 2024/04/10
- [Stable-8.2.3 52/87] target/loongarch: Fix qemu-system-loongarch64 assert failed with the option '-d int', Michael Tokarev, 2024/04/10
- [Stable-8.2.3 54/87] vdpa-dev: Fix initialisation order to restore VDUSE compatibility, Michael Tokarev, 2024/04/10
- [Stable-8.2.3 53/87] target/s390x: Use mutable temporary value for op_ts, Michael Tokarev, 2024/04/10