From patchwork Sat Apr 13 10:59:28 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Aleksei Filippov X-Patchwork-Id: 13628668 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id E801AC4345F for ; Sat, 13 Apr 2024 11:00:37 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rvb6w-0000W9-RX; Sat, 13 Apr 2024 06:59:54 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rvb6v-0000VI-2z; Sat, 13 Apr 2024 06:59:53 -0400 Received: from mta-04.yadro.com ([89.207.88.248]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rvb6s-00027s-M6; Sat, 13 Apr 2024 06:59:52 -0400 DKIM-Filter: OpenDKIM Filter v2.11.0 mta-04.yadro.com 7F2DFC0003 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=syntacore.com; s=mta-04; t=1713005985; bh=3CcDcXZJegh8W1uUIlJHgdnrNh4FFZdThdW2zm0ltzc=; h=From:To:Subject:Date:Message-ID:MIME-Version:Content-Type:From; b=ULhSzDEcSnqaz5g+DJevZ6d96qxSIPGD97UO+PtbfEnmOspdbm+3exk+HHSFsSpOd ImTvVZ0GnjKWnAM6XTAk+t+9Th1Hfeg6PCxJoiTqr1MTRavMHi8d0LU4WnD72OAB+v xna3ywpmQ0SCj/4XBHJW0F1RkmfBa2QdwBPOg1I7DJRMe26OWxF4lNxQVPk/jMpfCS 25kiDEVJdPfS78WNUxyIfUrtXzDHZCBf7Tij8VAeD2U+u03++7gLaGP6ndGSWyitOe ylohhVP9QOR9LArkHTvwSax7dvHTkuB7tEcFCl4GH/Lwv0LTTHUTWamxHtrkzG3RLQ qOkUmAfjPIHTg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=syntacore.com; s=mta-03; t=1713005985; bh=3CcDcXZJegh8W1uUIlJHgdnrNh4FFZdThdW2zm0ltzc=; h=From:To:Subject:Date:Message-ID:MIME-Version:Content-Type:From; b=lDcD4WWNebseyoTvfvIeyTiAQ00FWrw7cS/wI23j0Gezs1PnhJlhN5WqHjuGM3Pup UBtHGNNw3+KeBc5ncqeTDmgkP7fIV5NQMmejpQunOu1Fe+qNk6byw4+d1zgvL8lhBW Wxy3Rtr8dv6QWUIUb35vZh9vo0kAJi8Wlccbxql8W9fHxoN6OjCG0zub1FQ5KayBFz PJDjKvvxgEZLUjNehDEtQK3oQhZOnQXyWXZUdkavXg+vF46vYinjU/8f4enCrfltX3 K9/fuPnwRwqBRhs5jp5N/Otl0A1NdtKyTPn0NziqgGfyNqeLROxgnVrzDZhD5MsC2q trRlMNUkfRkrQ== From: Alexei Filippov To: , , , , , CC: , , Joseph Chan Subject: [PATCH 1/2] target/riscv: prioritize pmp errors in raise_mmu_exception() Date: Sat, 13 Apr 2024 13:59:28 +0300 Message-ID: <20240413105929.7030-1-alexei.filippov@syntacore.com> X-Mailer: git-send-email 2.34.1 MIME-Version: 1.0 X-ClientProxiedBy: T-EXCH-06.corp.yadro.com (172.17.10.110) To T-EXCH-12.corp.yadro.com (172.17.11.143) Received-SPF: permerror client-ip=89.207.88.248; envelope-from=alexei.filippov@syntacore.com; helo=mta-04.yadro.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, T_SPF_PERMERROR=0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org From: Daniel Henrique Barboza raise_mmu_exception(), as is today, is prioritizing guest page faults by checking first if virt_enabled && !first_stage, and then considering the regular inst/load/store faults. There's no mention in the spec about guest page fault being a higher priority that PMP faults. In fact, privileged spec section 3.7.1 says: "Attempting to fetch an instruction from a PMP region that does not have execute permissions raises an instruction access-fault exception. Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception. Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception." So, in fact, we're doing it wrong - PMP faults should always be thrown, regardless of also being a first or second stage fault. The way riscv_cpu_tlb_fill() and get_physical_address() work is adequate: a TRANSLATE_PMP_FAIL error is immediately reported and reflected in the 'pmp_violation' flag. What we need is to change raise_mmu_exception() to prioritize it. Reported-by: Joseph Chan Fixes: 82d53adfbb ("target/riscv/cpu_helper.c: Invalid exception on MMU translation stage") Signed-off-by: Daniel Henrique Barboza Reviewed-by: Alistair Francis --- target/riscv/cpu_helper.c | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c index bc70ab5abc..196166f8dd 100644 --- a/target/riscv/cpu_helper.c +++ b/target/riscv/cpu_helper.c @@ -1203,28 +1203,30 @@ static void raise_mmu_exception(CPURISCVState *env, target_ulong address, switch (access_type) { case MMU_INST_FETCH: - if (env->virt_enabled && !first_stage) { + if (pmp_violation) { + cs->exception_index = RISCV_EXCP_INST_ACCESS_FAULT; + } else if (env->virt_enabled && !first_stage) { cs->exception_index = RISCV_EXCP_INST_GUEST_PAGE_FAULT; } else { - cs->exception_index = pmp_violation ? - RISCV_EXCP_INST_ACCESS_FAULT : RISCV_EXCP_INST_PAGE_FAULT; + cs->exception_index = RISCV_EXCP_INST_PAGE_FAULT; } break; case MMU_DATA_LOAD: - if (two_stage && !first_stage) { + if (pmp_violation) { + cs->exception_index = RISCV_EXCP_LOAD_ACCESS_FAULT; + } else if (two_stage && !first_stage) { cs->exception_index = RISCV_EXCP_LOAD_GUEST_ACCESS_FAULT; } else { - cs->exception_index = pmp_violation ? - RISCV_EXCP_LOAD_ACCESS_FAULT : RISCV_EXCP_LOAD_PAGE_FAULT; + cs->exception_index = RISCV_EXCP_LOAD_PAGE_FAULT; } break; case MMU_DATA_STORE: - if (two_stage && !first_stage) { + if (pmp_violation) { + cs->exception_index = RISCV_EXCP_STORE_AMO_ACCESS_FAULT; + } else if (two_stage && !first_stage) { cs->exception_index = RISCV_EXCP_STORE_GUEST_AMO_ACCESS_FAULT; } else { - cs->exception_index = pmp_violation ? - RISCV_EXCP_STORE_AMO_ACCESS_FAULT : - RISCV_EXCP_STORE_PAGE_FAULT; + cs->exception_index = RISCV_EXCP_STORE_PAGE_FAULT; } break; default: From patchwork Sat Apr 13 10:59:29 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Aleksei Filippov X-Patchwork-Id: 13628669 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id F0B26C4345F for ; Sat, 13 Apr 2024 11:01:04 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rvb7P-0000fC-Lu; Sat, 13 Apr 2024 07:00:23 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rvb7L-0000bi-Jm; Sat, 13 Apr 2024 07:00:20 -0400 Received: from mta-04.yadro.com ([89.207.88.248]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rvb7J-0002P7-VK; Sat, 13 Apr 2024 07:00:19 -0400 DKIM-Filter: OpenDKIM Filter v2.11.0 mta-04.yadro.com 7AFF7C0023 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=syntacore.com; s=mta-04; t=1713006012; bh=hwh8A+mIgbj7v6jIURAlmJ5qJQ+hq1iDueKeSvQz0TA=; h=From:To:Subject:Date:Message-ID:MIME-Version:Content-Type:From; b=H72ZY+1lkAHAzc4aAxdAryPonIpP8RgcC2WZ8YQ4d4iRYWo0MfkMNkURFrDfnPDRz KoJqDaAW9CNiXv3QslY3xY4Iot/N7vYZrpGvvPKkLjlpz49w/wT/vXFgbXbWSwq8Gm nAMvB9ZOxoWMEwnxLsbyJgQnaZAXzmApAaWNq4Bg5xlAObjwCebCY0vbHyzvsMcQYI M6JbkySBBuPGmd7oRQXBEunfNgxIcvxP9j5n+FGoI47+4/fQ1ZCAErsZzsra+4PpjV O4PxI2/5VaZL8fDj5VqaWUvifIlFHMnczNcecInPQDCIsG/522wDOnve0RTRluURQb jHZjb6CQRzrvA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=syntacore.com; s=mta-03; t=1713006012; bh=hwh8A+mIgbj7v6jIURAlmJ5qJQ+hq1iDueKeSvQz0TA=; h=From:To:Subject:Date:Message-ID:MIME-Version:Content-Type:From; b=rNRlzqnf1hODj66Lfi9laMHgYNDTXHM24VzDfnycQw7nhPnn2tIcYWAMNcdcA2Nt9 aR/sG31A0X/HtalafgZHZzjdy07XLwfBbWNxewnaBi6/ppjyIH8E3nv2gVaHJpPJSR zXxn4seEcRzTmQFDaZsxONW2ix/N0suIeLOMMgDwUcztHx6eRmfXztIUzHEaLt1BAt KgpFf7OoQ1x0KdHeT57tAnhHbPCboc3DzSRUYweHGnxU2ueGhUbIVH1hl2UWKECyDl Us/+12jfVv+sLpD3K6N/Q/nznjY7Cev2/mrzbUxRCpsxlvN96p6Tn747c7U/pMFNs9 wQNrgIs2fDxpQ== From: Alexei Filippov To: , , , , , CC: , , Alexei Filippov Subject: [PATCH 2/2] target/riscv: do not set mtval2 for non guest-page faults Date: Sat, 13 Apr 2024 13:59:29 +0300 Message-ID: <20240413105929.7030-2-alexei.filippov@syntacore.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240413105929.7030-1-alexei.filippov@syntacore.com> References: <20240413105929.7030-1-alexei.filippov@syntacore.com> MIME-Version: 1.0 X-ClientProxiedBy: T-EXCH-06.corp.yadro.com (172.17.10.110) To T-EXCH-12.corp.yadro.com (172.17.11.143) Received-SPF: permerror client-ip=89.207.88.248; envelope-from=alexei.filippov@syntacore.com; helo=mta-04.yadro.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, T_SPF_PERMERROR=0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Previous patch fixed the PMP priority in raise_mmu_exception() but we're still setting mtval2 incorrectly. In riscv_cpu_tlb_fill(), after pmp check in 2 stage translation part, mtval2 will be set in case of successes 2 stage translation but failed pmp check. In this case we gonna set mtval2 via env->guest_phys_fault_addr in context of riscv_cpu_tlb_fill(), as this was a guest-page-fault, but it didn't and mtval2 should be zero, according to RISCV privileged spec sect. 9.4.4: When a guest page-fault is taken into M-mode, mtval2 is written with either zero or guest physical address that faulted, shifted by 2 bits. *For other traps, mtval2 is set to zero...* Signed-off-by: Alexei Filippov Reviewed-by: Daniel Henrique Barboza --- target/riscv/cpu_helper.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c index 196166f8dd..89e659fe3a 100644 --- a/target/riscv/cpu_helper.c +++ b/target/riscv/cpu_helper.c @@ -1410,17 +1410,17 @@ bool riscv_cpu_tlb_fill(CPUState *cs, vaddr address, int size, __func__, pa, ret, prot_pmp, tlb_size); prot &= prot_pmp; - } - - if (ret != TRANSLATE_SUCCESS) { + } else { /* * Guest physical address translation failed, this is a HS * level exception */ first_stage_error = false; - env->guest_phys_fault_addr = (im_address | - (address & - (TARGET_PAGE_SIZE - 1))) >> 2; + if (ret != TRANSLATE_PMP_FAIL) { + env->guest_phys_fault_addr = (im_address | + (address & + (TARGET_PAGE_SIZE - 1))) >> 2; + } } } } else {