Message ID | 62fcfe747245cf8edcabcbe8f1f0b59be035fad6.1579584948.git.alistair.francis@wdc.com (mailing list archive) |
---|---|
State | New, archived |
Series | [v1,1/1] target/riscv: Correctly implement TSR trap |
Looks good to me. Though this is I think the third bug in privilege checking in op_helper.c which is only like 150 lines long total. It would be really good to fully double check that there aren't any more lurking there...

Reviewed-by: Jonathan Behrens <jonathan@fintelia.io <palmerdabbelt@google.com>>

On Tue, Jan 21, 2020 at 12:45 AM Alistair Francis <alistair.francis@wdc.com> wrote:

> As reported in: https://bugs.launchpad.net/qemu/+bug/1851939 we weren't
> correctly handling illegal instructions based on the value of MSTATUS_TSR
> and the current privilege level.
>
> This patch fixes the issue raised in the bug by raising an illegal
> instruction if TSR is set and we are in S-Mode.
>
> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
> --- > target/riscv/op_helper.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/target/riscv/op_helper.c b/target/riscv/op_helper.c > index 331cc36232..eed8eea6f2 100644 > --- a/target/riscv/op_helper.c > +++ b/target/riscv/op_helper.c > @@ -83,7 +83,7 @@ target_ulong helper_sret(CPURISCVState *env, > target_ulong cpu_pc_deb) > } > > if (env->priv_ver >= PRIV_VERSION_1_10_0 && > - get_field(env->mstatus, MSTATUS_TSR)) { > + get_field(env->mstatus, MSTATUS_TSR) && !(env->priv >= PRV_M)) { > riscv_raise_exception(env, RISCV_EXCP_ILLEGAL_INST, GETPC()); > } > > -- > 2.24.1 > > >
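Review bot: The diffstat shows only target/riscv/op_helper.c changing, so nothing exercises the new `!(env->priv >= PRV_M)` term in the TSR condition of helper_sret. A regression test that executes sret with MSTATUS_TSR set from both M-mode and S-mode, expecting RISCV_EXCP_ILLEGAL_INST only in the latter, would pin this privilege check down.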
On Mon, Jan 20, 2020 at 9:43 PM Alistair Francis <alistair.francis@wdc.com> wrote:

>
> As reported in: https://bugs.launchpad.net/qemu/+bug/1851939 we weren't
> correctly handling illegal instructions based on the value of MSTATUS_TSR
> and the current privilege level.
>
> This patch fixes the issue raised in the bug by raising an illegal
> instruction if TSR is set and we are in S-Mode.
>
> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>

@Palmer Dabbelt Ping!

Alistair

> --- > target/riscv/op_helper.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/target/riscv/op_helper.c b/target/riscv/op_helper.c > index 331cc36232..eed8eea6f2 100644 > --- a/target/riscv/op_helper.c > +++ b/target/riscv/op_helper.c > @@ -83,7 +83,7 @@ target_ulong helper_sret(CPURISCVState *env, target_ulong cpu_pc_deb) > } > > if (env->priv_ver >= PRIV_VERSION_1_10_0 && > - get_field(env->mstatus, MSTATUS_TSR)) { > + get_field(env->mstatus, MSTATUS_TSR) && !(env->priv >= PRV_M)) { > riscv_raise_exception(env, RISCV_EXCP_ILLEGAL_INST, GETPC()); > } > > -- > 2.24.1 >
On Thu, 20 Feb 2020 10:41:35 PST (-0800), alistair23@gmail.com wrote:

> On Mon, Jan 20, 2020 at 9:43 PM Alistair Francis
> <alistair.francis@wdc.com> wrote:
>>
>> As reported in: https://bugs.launchpad.net/qemu/+bug/1851939 we weren't
>> correctly handling illegal instructions based on the value of MSTATUS_TSR
>> and the current privilege level.
>>
>> This patch fixes the issue raised in the bug by raising an illegal
>> instruction if TSR is set and we are in S-Mode.
>>
>> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
>
> @Palmer Dabbelt Ping!

Sorry, I must have missed this. It's in the queue (with the reviews as collected by patchwork). Thanks!

>
> Alistair
>
>> --- >> target/riscv/op_helper.c | 2 +- >> 1 file changed, 1 insertion(+), 1 deletion(-) >> >> diff --git a/target/riscv/op_helper.c b/target/riscv/op_helper.c >> index 331cc36232..eed8eea6f2 100644 >> --- a/target/riscv/op_helper.c >> +++ b/target/riscv/op_helper.c >> @@ -83,7 +83,7 @@ target_ulong helper_sret(CPURISCVState *env, target_ulong cpu_pc_deb) >> } >> >> if (env->priv_ver >= PRIV_VERSION_1_10_0 && >> - get_field(env->mstatus, MSTATUS_TSR)) { >> + get_field(env->mstatus, MSTATUS_TSR) && !(env->priv >= PRV_M)) { >> riscv_raise_exception(env, RISCV_EXCP_ILLEGAL_INST, GETPC()); >> } >> >> -- >> 2.24.1 >>
diff --git a/target/riscv/op_helper.c b/target/riscv/op_helper.c index 331cc36232..eed8eea6f2 100644 --- a/target/riscv/op_helper.c +++ b/target/riscv/op_helper.c @@ -83,7 +83,7 @@ target_ulong helper_sret(CPURISCVState *env, target_ulong cpu_pc_deb) } if (env->priv_ver >= PRIV_VERSION_1_10_0 && - get_field(env->mstatus, MSTATUS_TSR)) { + get_field(env->mstatus, MSTATUS_TSR) && !(env->priv >= PRV_M)) { riscv_raise_exception(env, RISCV_EXCP_ILLEGAL_INST, GETPC()); }
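Review bot: The added term `!(env->priv >= PRV_M)` in the TSR check of helper_sret is a negated comparison that reads more directly as `env->priv < PRV_M`, and it matches every privilege level below M, while the commit message describes the trap as applying when "we are in S-Mode". If only S-mode can reach this line, `env->priv == PRV_S` would say so; otherwise a one-line comment that M-mode is exempt from TSR would make the intent clear to the next reader.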
As reported in: https://bugs.launchpad.net/qemu/+bug/1851939 we weren't correctly handling illegal instructions based on the value of MSTATUS_TSR and the current privilege level.

This patch fixes the issue raised in the bug by raising an illegal instruction if TSR is set and we are in S-Mode.

Signed-off-by: Alistair Francis <alistair.francis@wdc.com>

--- target/riscv/op_helper.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)