From: Leandro Lupori <leandro.lupori@eldorado.org.br>
To: "Cédric Le Goater" <clg@kaod.org>,
	qemu-devel@nongnu.org, qemu-ppc@nongnu.org
Cc: danielhb413@gmail.com, david@gibson.dropbear.id.au, groug@kaod.org
Subject: Re: [PATCH 1/3] ppc: Check partition and process table alignment
Date: Thu, 23 Jun 2022 11:24:29 -0300	[thread overview]
Message-ID: <3b668ffb-da6b-09c9-dd3a-6649f8a9e3ea@eldorado.org.br> (raw)
In-Reply-To: <5c93bc68-be10-5d47-717f-91964e00e251@kaod.org>

On 6/21/22 08:05, Cédric Le Goater wrote:
> 
> On 6/20/22 22:27, Leandro Lupori wrote:
>> Check if partition and process tables are properly aligned to
>> their size, according to PowerISA 3.1B, Book III 6.7.6 programming
>> note. Hardware and KVM also raise an exception in these cases.
>>
>> Signed-off-by: Leandro Lupori <leandro.lupori@eldorado.org.br>
>> ---
>>   hw/ppc/spapr.c             |  5 +++++
>>   hw/ppc/spapr_hcall.c       |  9 +++++++++
>>   target/ppc/mmu-book3s-v3.c |  5 +++++
>>   target/ppc/mmu-radix64.c   | 17 +++++++++++++----
>>   4 files changed, 32 insertions(+), 4 deletions(-)
>>
>> diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c
>> index fd4942e881..4b1f346087 100644
>> --- a/hw/ppc/spapr.c
>> +++ b/hw/ppc/spapr.c
>> @@ -1329,6 +1329,11 @@ static bool spapr_get_pate(PPCVirtualHypervisor 
>> *vhyp, PowerPCCPU *cpu,
>>           patb = spapr->nested_ptcr & PTCR_PATB;
>>           pats = spapr->nested_ptcr & PTCR_PATS;
>>
>> +        /* Check if partition table is properly aligned */
>> +        if (patb & MAKE_64BIT_MASK(0, pats + 12)) {
>> +            return false;
>> +        }
>> +
>>           /* Calculate number of entries */
>>           pats = 1ull << (pats + 12 - 4);
>>           if (pats <= lpid) {
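Review bot: The new alignment check returns false with no diagnostic, so a guest that sets a misaligned partition table base fails here without any trace of the reason; adding `qemu_log_mask(LOG_GUEST_ERROR, "%s: partition table not properly aligned\n", __func__);` before the `return false;` would match the logging this patch adds for the process table in spapr_hcall.c. The same three-line check is added again in ppc64_v3_get_pate() in target/ppc/mmu-book3s-v3.c, so the point applies there too, and a small shared helper would keep the two copies from drifting apart. The mask width `pats + 12` is derived from a register field that is presumably guest-controlled; it stays in range only if PTCR_PATS limits that field to a few bits, which is not visible in this hunk. spapr_get_pate() starts and ends outside the hunk.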
>> diff --git a/hw/ppc/spapr_hcall.c b/hw/ppc/spapr_hcall.c
>> index d761a7d0c3..2a73ba8a1d 100644
>> --- a/hw/ppc/spapr_hcall.c
>> +++ b/hw/ppc/spapr_hcall.c
>> @@ -920,6 +920,7 @@ static target_ulong 
>> h_register_process_table(PowerPCCPU *cpu,
>>       target_ulong page_size = args[2];
>>       target_ulong table_size = args[3];
>>       target_ulong update_lpcr = 0;
>> +    target_ulong table_byte_size;
>>       uint64_t cproc;
>>
>>       if (flags & ~FLAGS_MASK) { /* Check no reserved bits are set */
>> @@ -927,6 +928,14 @@ static target_ulong 
>> h_register_process_table(PowerPCCPU *cpu,
>>       }
>>       if (flags & FLAG_MODIFY) {
>>           if (flags & FLAG_REGISTER) {
>> +            /* Check process table alignment */
>> +            table_byte_size = 1ULL << (table_size + 12);
>> +            if (proc_tbl & (table_byte_size - 1)) {
>> +                qemu_log_mask(LOG_GUEST_ERROR,
>> +                    "%s: process table not properly aligned: "
>> +                    "proc_tbl 0x%lx proc_tbl_size 0x%lx\n",
>> +                    __func__, proc_tbl, table_byte_size);
>> +            }
> I think you might need to use some define for the format. Looks good
> otherwise.
> 

Right, TARGET_FMT_lx seems more appropriate.

Thanks,
Leandro

> Thanks,
> 
> C.
> 
> 
>>               if (flags & FLAG_RADIX) { /* Register new RADIX process 
>> table */
>>                   if (proc_tbl & 0xfff || proc_tbl >> 60) {
>>                       return H_P2;
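Review bot: `table_size` comes straight from the hypercall argument `args[3]` and is used as a shift count in `1ULL << (table_size + 12)` before any range check visible in this hunk, so a guest value of 52 or more makes the shift undefined behaviour in the host. Bound it first, for example by wrapping the new block in `if (table_size <= 51) {` or by moving whatever table_size validation exists later in the function (outside this hunk) ahead of the shift. Separately, the misalignment is only logged and registration carries on, while the commit message says hardware and KVM raise an exception; if log-only is deliberate, a one-line comment stating why the call is not failed would help the next reader. h_register_process_table() starts and ends outside the hunk.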
>> diff --git a/target/ppc/mmu-book3s-v3.c b/target/ppc/mmu-book3s-v3.c
>> index f4985bae78..c8f69b3df9 100644
>> --- a/target/ppc/mmu-book3s-v3.c
>> +++ b/target/ppc/mmu-book3s-v3.c
>> @@ -28,6 +28,11 @@ bool ppc64_v3_get_pate(PowerPCCPU *cpu, 
>> target_ulong lpid, ppc_v3_pate_t *entry)
>>       uint64_t patb = cpu->env.spr[SPR_PTCR] & PTCR_PATB;
>>       uint64_t pats = cpu->env.spr[SPR_PTCR] & PTCR_PATS;
>>
>> +    /* Check if partition table is properly aligned */
>> +    if (patb & MAKE_64BIT_MASK(0, pats + 12)) {
>> +        return false;
>> +    }
>> +
>>       /* Calculate number of entries */
>>       pats = 1ull << (pats + 12 - 4);
>>       if (pats <= lpid) {
>> diff --git a/target/ppc/mmu-radix64.c b/target/ppc/mmu-radix64.c
>> index 21ac958e48..9a8a2e2875 100644
>> --- a/target/ppc/mmu-radix64.c
>> +++ b/target/ppc/mmu-radix64.c
>> @@ -383,7 +383,7 @@ static int 
>> ppc_radix64_process_scoped_xlate(PowerPCCPU *cpu,
>>   {
>>       CPUState *cs = CPU(cpu);
>>       CPUPPCState *env = &cpu->env;
>> -    uint64_t offset, size, prtbe_addr, prtbe0, base_addr, nls, index, 
>> pte;
>> +    uint64_t offset, size, prtb, prtbe_addr, prtbe0, base_addr, nls, 
>> index, pte;
>>       int fault_cause = 0, h_page_size, h_prot;
>>       hwaddr h_raddr, pte_addr;
>>       int ret;
>> @@ -393,9 +393,18 @@ static int 
>> ppc_radix64_process_scoped_xlate(PowerPCCPU *cpu,
>>                     __func__, access_str(access_type),
>>                     eaddr, mmu_idx, pid);
>>
>> +    prtb = (pate.dw1 & PATE1_R_PRTB);
>> +    size = 1ULL << ((pate.dw1 & PATE1_R_PRTS) + 12);
>> +    if (prtb & (size - 1)) {
>> +        /* Process Table not properly aligned */
>> +        if (guest_visible) {
>> +            ppc_radix64_raise_si(cpu, access_type, eaddr, 
>> DSISR_R_BADCONFIG);
>> +        }
>> +        return 1;
>> +    }
>> +
>>       /* Index Process Table by PID to Find Corresponding Process 
>> Table Entry */
>>       offset = pid * sizeof(struct prtb_entry);
>> -    size = 1ULL << ((pate.dw1 & PATE1_R_PRTS) + 12);
>>       if (offset >= size) {
>>           /* offset exceeds size of the process table */
>>           if (guest_visible) {
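Review bot: The comment `/* Process Table not properly aligned */` sits inside the failure branch and does not state the rule being enforced, so a reader has to reconstruct it from `prtb & (size - 1)`. I would put the rule above the check instead, e.g. `/* PRTB must be aligned to the table size, 2^(PRTS + 12) bytes */`, and cite the PowerISA programming note named in the commit message. The shift count for `size` is bounded only by the PATE1_R_PRTS mask, whose width is not visible here. ppc_radix64_process_scoped_xlate() starts and ends outside the hunk.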
>> @@ -403,7 +412,7 @@ static int 
>> ppc_radix64_process_scoped_xlate(PowerPCCPU *cpu,
>>           }
>>           return 1;
>>       }
>> -    prtbe_addr = (pate.dw1 & PATE1_R_PRTB) + offset;
>> +    prtbe_addr = prtb + offset;
>>
>>       if (vhyp_flat_addressing(cpu)) {
>>           prtbe0 = ldq_phys(cs->as, prtbe_addr);
>> @@ -568,7 +577,7 @@ static bool ppc_radix64_xlate_impl(PowerPCCPU 
>> *cpu, vaddr eaddr,
>>           return false;
>>       }
>>
>> -    /* Get Process Table */
>> +    /* Get Partition Table */
>>       if (cpu->vhyp) {
>>           PPCVirtualHypervisorClass *vhc;
>>           vhc = PPC_VIRTUAL_HYPERVISOR_GET_CLASS(cpu->vhyp);
> 




Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-06-20 20:27 [PATCH 0/3] ppc: Check for bad Radix configs Leandro Lupori
2022-06-20 20:27 ` [PATCH 1/3] ppc: Check partition and process table alignment Leandro Lupori
2022-06-21 11:05   ` Cédric Le Goater
2022-06-23 14:24     ` Leandro Lupori [this message]
2022-06-20 20:27 ` [PATCH 2/3] target/ppc: Improve Radix xlate level validation Leandro Lupori
2022-06-21 21:21   ` Fabiano Rosas
2022-06-24 13:22     ` Leandro Lupori
2022-06-20 20:27 ` [PATCH 3/3] target/ppc: Check page dir/table base alignment Leandro Lupori
2022-06-21 21:26   ` Fabiano Rosas
2022-06-23 14:26     ` Leandro Lupori
2022-06-23 21:34       ` Richard Henderson
2022-06-24 12:20         ` Leandro Lupori
