Message ID | e713111f058685914efa8ce0be14197b151cfa9a.1473159543.git-series.james.hogan@imgtec.com (mailing list archive) |
---|---|
State | New, archived |
On 06/09/2016 12:03, James Hogan wrote: > When performing virtual to physical address translation, check the > required privilege level based on the mem_idx rather than the mode in > the hflags. This will allow EVA loads & stores to operate safely only on > user memory from kernel mode. > > For the cases where the mmu_idx doesn't need to be overridden > (mips_cpu_get_phys_page_debug() and cpu_mips_translate_address()), we > calculate the required mmu_idx using cpu_mmu_index(). Note that this > only tests the MIPS_HFLAG_KSU bits rather than MIPS_HFLAG_MODE, so we > don't test the debug mode hflag MIPS_HFLAG_DM any longer. This should be > fine as get_physical_address() only compares against MIPS_HFLAG_UM and > MIPS_HFLAG_SM, neither of which should get set by compute_hflags() when > MIPS_HFLAG_DM is set. > > Signed-off-by: James Hogan <james.hogan@imgtec.com> > Cc: Leon Alrae <leon.alrae@imgtec.com> > Cc: Aurelien Jarno <aurelien@aurel32.net> > --- > target-mips/helper.c | 17 +++++++++-------- > 1 file changed, 9 insertions(+), 8 deletions(-) > > diff --git a/target-mips/helper.c b/target-mips/helper.c > index 29ebf391cb94..2065fc3ec119 100644 > --- a/target-mips/helper.c > +++ b/target-mips/helper.c > @@ -109,11 +109,11 @@ int r4k_map_address (CPUMIPSState *env, hwaddr *physical, int *prot, > > static int get_physical_address (CPUMIPSState *env, hwaddr *physical, > int *prot, target_ulong real_address, > - int rw, int access_type) > + int rw, int access_type, int mmu_idx) > { > /* User mode can only access useg/xuseg */ > - int user_mode = (env->hflags & MIPS_HFLAG_MODE) == MIPS_HFLAG_UM; > - int supervisor_mode = (env->hflags & MIPS_HFLAG_MODE) == MIPS_HFLAG_SM; > + int user_mode = mmu_idx == MIPS_HFLAG_UM; > + int supervisor_mode = mmu_idx == MIPS_HFLAG_SM; > int kernel_mode = !user_mode && !supervisor_mode; > #if defined(TARGET_MIPS64) > int UX = (env->CP0_Status & (1 << CP0St_UX)) != 0; 
> @@ -413,11 +413,12 @@ static void raise_mmu_exception(CPUMIPSState *env, target_ulong address, > hwaddr mips_cpu_get_phys_page_debug(CPUState *cs, vaddr addr) > { > MIPSCPU *cpu = MIPS_CPU(cs); > + CPUMIPSState *env = &cpu->env; Not really useful change as it is used only once but it is ok. > hwaddr phys_addr; > int prot; > > - if (get_physical_address(&cpu->env, &phys_addr, &prot, addr, 0, > - ACCESS_INT) != 0) { > + if (get_physical_address(env, &phys_addr, &prot, addr, 0, ACCESS_INT, > + cpu_mmu_index(env, false)) != 0) { > return -1; > } > return phys_addr; > @@ -449,7 +450,7 @@ int mips_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int rw, > correctly */ > access_type = ACCESS_INT; > ret = get_physical_address(env, &physical, &prot, > - address, rw, access_type); > + address, rw, access_type, mmu_idx); > qemu_log_mask(CPU_LOG_MMU, > "%s address=%" VADDR_PRIx " ret %d physical " TARGET_FMT_plx > " prot %d\n", > @@ -479,8 +480,8 @@ hwaddr cpu_mips_translate_address(CPUMIPSState *env, target_ulong address, int r > > /* data access */ > access_type = ACCESS_INT; > - ret = get_physical_address(env, &physical, &prot, > - address, rw, access_type); > + ret = get_physical_address(env, &physical, &prot, address, rw, access_type, > + cpu_mmu_index(env, false)); > if (ret != TLBRET_MATCH) { > raise_mmu_exception(env, address, rw, ret); > return -1LL; > Otherwise, Reviewed-by: Yongbok Kim <yongbok.kim@imgtec.com> Regards, Yongbok
On Fri, Oct 07, 2016 at 04:48:31PM +0100, Yongbok Kim wrote: > On 06/09/2016 12:03, James Hogan wrote: > > diff --git a/target-mips/helper.c b/target-mips/helper.c > > index 29ebf391cb94..2065fc3ec119 100644 > > --- a/target-mips/helper.c > > +++ b/target-mips/helper.c > > @@ -413,11 +413,12 @@ static void raise_mmu_exception(CPUMIPSState *env, target_ulong address, > > hwaddr mips_cpu_get_phys_page_debug(CPUState *cs, vaddr addr) > > { > > MIPSCPU *cpu = MIPS_CPU(cs); > > + CPUMIPSState *env = &cpu->env; > > Not really useful change as it is used only once but it is ok. Its used twice in the code below ... > > > hwaddr phys_addr; > > int prot; > > > > - if (get_physical_address(&cpu->env, &phys_addr, &prot, addr, 0, > > - ACCESS_INT) != 0) { > > + if (get_physical_address(env, &phys_addr, &prot, addr, 0, ACCESS_INT, > > + cpu_mmu_index(env, false)) != 0) { ... though I acknowledge it has marginal value > Otherwise, > > Reviewed-by: Yongbok Kim <yongbok.kim@imgtec.com> Thanks James
diff --git a/target-mips/helper.c b/target-mips/helper.c
index 29ebf391cb94..2065fc3ec119 100644
--- a/target-mips/helper.c
+++ b/target-mips/helper.c
@@ -109,11 +109,11 @@ int r4k_map_address (CPUMIPSState *env, hwaddr *physical, int *prot,
 
 static int get_physical_address (CPUMIPSState *env, hwaddr *physical,
 int *prot, target_ulong real_address,
- int rw, int access_type)
+ int rw, int access_type, int mmu_idx)
 {
 /* User mode can only access useg/xuseg */
- int user_mode = (env->hflags & MIPS_HFLAG_MODE) == MIPS_HFLAG_UM;
- int supervisor_mode = (env->hflags & MIPS_HFLAG_MODE) == MIPS_HFLAG_SM;
+ int user_mode = mmu_idx == MIPS_HFLAG_UM;
+ int supervisor_mode = mmu_idx == MIPS_HFLAG_SM;
 int kernel_mode = !user_mode && !supervisor_mode;
 #if defined(TARGET_MIPS64)
 int UX = (env->CP0_Status & (1 << CP0St_UX)) != 0;
@@ -413,11 +413,12 @@ static void raise_mmu_exception(CPUMIPSState *env, target_ulong address,
 hwaddr mips_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
 {
 MIPSCPU *cpu = MIPS_CPU(cs);
+ CPUMIPSState *env = &cpu->env;
 hwaddr phys_addr;
 int prot;
 
- if (get_physical_address(&cpu->env, &phys_addr, &prot, addr, 0,
- ACCESS_INT) != 0) {
+ if (get_physical_address(env, &phys_addr, &prot, addr, 0, ACCESS_INT,
+ cpu_mmu_index(env, false)) != 0) {
 return -1;
 }
 return phys_addr;
@@ -449,7 +450,7 @@ int mips_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int rw,
 correctly */
 access_type = ACCESS_INT;
 ret = get_physical_address(env, &physical, &prot,
- address, rw, access_type);
+ address, rw, access_type, mmu_idx);
 qemu_log_mask(CPU_LOG_MMU,
 "%s address=%" VADDR_PRIx " ret %d physical " TARGET_FMT_plx
 " prot %d\n",
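Review bot: In the new privilege derivation in get_physical_address, any mmu_idx value other than MIPS_HFLAG_UM or MIPS_HFLAG_SM falls through to kernel_mode, so an unexpected or mis-encoded index fails open to the most privileged check instead of failing closed. The two comparisons also couple the mmu_idx numbering to the MIPS_HFLAG_KSU encoding that the commit message says cpu_mmu_index() produces, an invariant the code itself does not state. I would record it next to the assignments, e.g. `/* mmu_idx is the MIPS_HFLAG_KSU value (see cpu_mmu_index); any other value is treated as kernel mode */`, and, if this file already uses assert(), add `assert((mmu_idx & ~MIPS_HFLAG_KSU) == 0);` before them so a bad caller is caught in debug builds rather than granted kernel-mode translation. get_physical_address's body continues outside the hunk.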
@@ -479,8 +480,8 @@ hwaddr cpu_mips_translate_address(CPUMIPSState *env, target_ulong address, int r
 
 /* data access */
 access_type = ACCESS_INT;
- ret = get_physical_address(env, &physical, &prot,
- address, rw, access_type);
+ ret = get_physical_address(env, &physical, &prot, address, rw, access_type,
+ cpu_mmu_index(env, false));
 if (ret != TLBRET_MATCH) {
 raise_mmu_exception(env, address, rw, ret);
 return -1LL;
When performing virtual to physical address translation, check the required privilege level based on the mem_idx rather than the mode in the hflags. This will allow EVA loads & stores to operate safely only on user memory from kernel mode. For the cases where the mmu_idx doesn't need to be overridden (mips_cpu_get_phys_page_debug() and cpu_mips_translate_address()), we calculate the required mmu_idx using cpu_mmu_index(). Note that this only tests the MIPS_HFLAG_KSU bits rather than MIPS_HFLAG_MODE, so we don't test the debug mode hflag MIPS_HFLAG_DM any longer. This should be fine as get_physical_address() only compares against MIPS_HFLAG_UM and MIPS_HFLAG_SM, neither of which should get set by compute_hflags() when MIPS_HFLAG_DM is set. Signed-off-by: James Hogan <james.hogan@imgtec.com> Cc: Leon Alrae <leon.alrae@imgtec.com> Cc: Aurelien Jarno <aurelien@aurel32.net> --- target-mips/helper.c | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-)