summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDayeol Lee <dayeol@berkeley.edu>2019-10-22 21:21:29 +0000
committerPalmer Dabbelt <palmer@sifive.com>2019-10-28 08:46:33 -0700
commit9667e53573f907d4fcd6accff1c8fe525544b749 (patch)
tree1f183161f449f6d483f66bb2796529a6fa89fb21
parent3aa9004f09c80290e119cd7b93dfca73ab418883 (diff)
downloadqemu-9667e53573f907d4fcd6accff1c8fe525544b749.zip
target/riscv: PMP violation due to wrong size parameter
riscv_cpu_tlb_fill() uses the `size` parameter to check PMP violation using pmp_hart_has_privs(). However, if the size is unknown (=0), the ending address will be `addr - 1` as it is `addr + size - 1` in `pmp_hart_has_privs()`. This always causes a false PMP violation on the starting address of the range, as `addr - 1` is not in the range. In order to fix, we just assume that all bytes from addr to the end of the page will be accessed if the size is unknown. Signed-off-by: Dayeol Lee <dayeol@berkeley.edu> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Palmer Dabbelt <palmer@sifive.com>
-rw-r--r--target/riscv/pmp.c13
1 files changed, 12 insertions, 1 deletions
diff --git a/target/riscv/pmp.c b/target/riscv/pmp.c
index d4f1007109..0e6b640fbd 100644
--- a/target/riscv/pmp.c
+++ b/target/riscv/pmp.c
@@ -223,6 +223,7 @@ bool pmp_hart_has_privs(CPURISCVState *env, target_ulong addr,
{
int i = 0;
int ret = -1;
+ int pmp_size = 0;
target_ulong s = 0;
target_ulong e = 0;
pmp_priv_t allowed_privs = 0;
@@ -232,11 +233,21 @@ bool pmp_hart_has_privs(CPURISCVState *env, target_ulong addr,
return true;
}
+ /*
+ * if size is unknown (0), assume that all bytes
+ * from addr to the end of the page will be accessed.
+ */
+ if (size == 0) {
+ pmp_size = -(addr | TARGET_PAGE_MASK);
+ } else {
+ pmp_size = size;
+ }
+
/* 1.10 draft priv spec states there is an implicit order
from low to high */
for (i = 0; i < MAX_RISCV_PMPS; i++) {
s = pmp_is_in_range(env, i, addr);
- e = pmp_is_in_range(env, i, addr + size - 1);
+ e = pmp_is_in_range(env, i, addr + pmp_size - 1);
/* partially inside */
if ((s + e) == 1) {