From: Anup Patel <apatel@ventanamicro.com>
To: Peter Maydell <peter.maydell@linaro.org>,
Palmer Dabbelt <palmer@dabbelt.com>,
Alistair Francis <Alistair.Francis@wdc.com>,
Sagar Karandikar <sagark@eecs.berkeley.edu>
Cc: Anup Patel <apatel@ventanamicro.com>,
Anup Patel <anup@brainfault.org>,
qemu-riscv@nongnu.org, qemu-devel@nongnu.org,
Atish Patra <atishp@atishpatra.org>
Subject: [PATCH 1/4] target/riscv: Fix csr number based privilege checking
Date: Fri, 29 Apr 2022 09:04:06 +0530 [thread overview]
Message-ID: <20220429033409.258707-2-apatel@ventanamicro.com> (raw)
In-Reply-To: <20220429033409.258707-1-apatel@ventanamicro.com>
When hypervisor and VS CSRs are accessed from VS-mode or VU-mode,
the riscv_csrrw_check() function should generate virtual instruction
trap instead illegal instruction trap.
Fixes: 533c91e8f22c ("target/riscv: Use RISCVException enum for
CSR access")
Signed-off-by: Anup Patel <apatel@ventanamicro.com>
---
target/riscv/csr.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/target/riscv/csr.c b/target/riscv/csr.c
index 3500e07f92..2bf0a97196 100644
--- a/target/riscv/csr.c
+++ b/target/riscv/csr.c
@@ -3139,7 +3139,7 @@ static inline RISCVException riscv_csrrw_check(CPURISCVState *env,
int read_only = get_field(csrno, 0xC00) == 3;
int csr_min_priv = csr_ops[csrno].min_priv_ver;
#if !defined(CONFIG_USER_ONLY)
- int effective_priv = env->priv;
+ int csr_priv, effective_priv = env->priv;
if (riscv_has_ext(env, RVH) &&
env->priv == PRV_S &&
@@ -3152,7 +3152,11 @@ static inline RISCVException riscv_csrrw_check(CPURISCVState *env,
effective_priv++;
}
- if (!env->debugger && (effective_priv < get_field(csrno, 0x300))) {
+ csr_priv = get_field(csrno, 0x300);
+ if (!env->debugger && (effective_priv < csr_priv)) {
+ if (csr_priv == (PRV_S + 1) && riscv_cpu_virt_enabled(env)) {
+ return RISCV_EXCP_VIRT_INSTRUCTION_FAULT;
+ }
return RISCV_EXCP_ILLEGAL_INST;
}
#endif
--
2.34.1
WARNING: multiple messages have this Message-ID (diff)
From: Anup Patel <apatel@ventanamicro.com>
To: Peter Maydell <peter.maydell@linaro.org>,
Palmer Dabbelt <palmer@dabbelt.com>,
Alistair Francis <Alistair.Francis@wdc.com>,
Sagar Karandikar <sagark@eecs.berkeley.edu>
Cc: Atish Patra <atishp@atishpatra.org>,
Anup Patel <anup@brainfault.org>,
qemu-riscv@nongnu.org, qemu-devel@nongnu.org,
Anup Patel <apatel@ventanamicro.com>
Subject: [PATCH 1/4] target/riscv: Fix csr number based privilege checking
Date: Fri, 29 Apr 2022 09:04:06 +0530 [thread overview]
Message-ID: <20220429033409.258707-2-apatel@ventanamicro.com> (raw)
In-Reply-To: <20220429033409.258707-1-apatel@ventanamicro.com>
When hypervisor and VS CSRs are accessed from VS-mode or VU-mode,
the riscv_csrrw_check() function should generate virtual instruction
trap instead illegal instruction trap.
Fixes: 533c91e8f22c ("target/riscv: Use RISCVException enum for
CSR access")
Signed-off-by: Anup Patel <apatel@ventanamicro.com>
---
target/riscv/csr.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/target/riscv/csr.c b/target/riscv/csr.c
index 3500e07f92..2bf0a97196 100644
--- a/target/riscv/csr.c
+++ b/target/riscv/csr.c
@@ -3139,7 +3139,7 @@ static inline RISCVException riscv_csrrw_check(CPURISCVState *env,
int read_only = get_field(csrno, 0xC00) == 3;
int csr_min_priv = csr_ops[csrno].min_priv_ver;
#if !defined(CONFIG_USER_ONLY)
- int effective_priv = env->priv;
+ int csr_priv, effective_priv = env->priv;
if (riscv_has_ext(env, RVH) &&
env->priv == PRV_S &&
@@ -3152,7 +3152,11 @@ static inline RISCVException riscv_csrrw_check(CPURISCVState *env,
effective_priv++;
}
- if (!env->debugger && (effective_priv < get_field(csrno, 0x300))) {
+ csr_priv = get_field(csrno, 0x300);
+ if (!env->debugger && (effective_priv < csr_priv)) {
+ if (csr_priv == (PRV_S + 1) && riscv_cpu_virt_enabled(env)) {
+ return RISCV_EXCP_VIRT_INSTRUCTION_FAULT;
+ }
return RISCV_EXCP_ILLEGAL_INST;
}
#endif
--
2.34.1
next prev parent reply other threads:[~2022-04-29 3:36 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-04-29 3:34 [PATCH 0/4] QEMU RISC-V nested virtualization fixes Anup Patel
2022-04-29 3:34 ` Anup Patel
2022-04-29 3:34 ` Anup Patel [this message]
2022-04-29 3:34 ` [PATCH 1/4] target/riscv: Fix csr number based privilege checking Anup Patel
2022-04-29 10:54 ` Alistair Francis
2022-04-29 10:54 ` Alistair Francis
2022-04-30 3:19 ` Frank Chang
2022-04-30 3:19 ` Frank Chang
2022-05-09 19:13 ` Atish Patra
2022-04-29 3:34 ` [PATCH 2/4] target/riscv: Fix hstatus.GVA bit setting for traps taken from HS-mode Anup Patel
2022-04-29 3:34 ` Anup Patel
2022-05-05 9:51 ` Alistair Francis
2022-05-05 10:36 ` Anup Patel
2022-05-09 9:23 ` Alistair Francis
2022-05-09 12:00 ` Anup Patel
2022-04-29 3:34 ` [PATCH 3/4] target/riscv: Set [m|s]tval for both illegal and virtual instruction traps Anup Patel
2022-04-29 3:34 ` Anup Patel
2022-04-30 3:16 ` Frank Chang
2022-04-30 3:16 ` Frank Chang
2022-05-09 9:36 ` Alistair Francis
2022-04-29 3:34 ` [PATCH 4/4] target/riscv: Update [m|h]tinst CSR in riscv_cpu_do_interrupt() Anup Patel
2022-04-29 3:34 ` Anup Patel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220429033409.258707-2-apatel@ventanamicro.com \
--to=apatel@ventanamicro.com \
--cc=Alistair.Francis@wdc.com \
--cc=anup@brainfault.org \
--cc=atishp@atishpatra.org \
--cc=palmer@dabbelt.com \
--cc=peter.maydell@linaro.org \
--cc=qemu-devel@nongnu.org \
--cc=qemu-riscv@nongnu.org \
--cc=sagark@eecs.berkeley.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.