From patchwork Wed Sep 14 08:43:03 2011
X-Patchwork-Submitter: Alexander Graf
X-Patchwork-Id: 114654
From: Alexander Graf
To: qemu-devel Developers
Date: Wed, 14 Sep 2011 10:43:03 +0200
Message-Id: <1315989802-18753-40-git-send-email-agraf@suse.de>
In-Reply-To: <1315989802-18753-1-git-send-email-agraf@suse.de>
References: <1315989802-18753-1-git-send-email-agraf@suse.de>
Cc: Blue Swirl, qemu-ppc@nongnu.org, Aurelien Jarno, David Gibson
Subject: [Qemu-devel] [PATCH 39/58] pseries: More complete WIMG validation in H_ENTER code

From: David Gibson

Currently our implementation of the H_ENTER hypercall, which inserts a mapping in the hash page table, assumes that only ordinary memory is ever mapped, and only permits mapping attribute bits accordingly (WIMG==0010). However, we intend to start adding emulated IO to the pseries platform (and real IO with PCI passthrough on kvm), which means this simple test will no longer suffice.

This patch extends the h_enter validation code to check if the given address is a RAM address. If it is, it enforces WIMG==0010; otherwise it assumes that it is an IO mapping and instead enforces WIMG=010x.

Signed-off-by: David Gibson
Signed-off-by: Alexander Graf
---
 hw/spapr.c       |  3 ++-
 hw/spapr.h       |  1 +
 hw/spapr_hcall.c | 22 ++++++++++++++++++----
 3 files changed, 21 insertions(+), 5 deletions(-)

diff --git a/hw/spapr.c b/hw/spapr.c index 9eefef9..00aed62 100644 --- a/hw/spapr.c +++ b/hw/spapr.c
@@ -336,7 +336,8 @@ static void ppc_spapr_init(ram_addr_t ram_size, } /* allocate RAM */ - ram_offset = qemu_ram_alloc(NULL, "ppc_spapr.ram", ram_size); + spapr->ram_limit = ram_size; + ram_offset = qemu_ram_alloc(NULL, "ppc_spapr.ram", spapr->ram_limit); cpu_register_physical_memory(0, ram_size, ram_offset); /* allocate hash page table. For now we always make this 16mb, diff --git a/hw/spapr.h b/hw/spapr.h index 009c459..3d21b7a 100644 --- a/hw/spapr.h +++ b/hw/spapr.h @@ -10,6 +10,7 @@ typedef struct sPAPREnvironment { struct VIOsPAPRBus *vio_bus; struct icp_state *icp; + target_phys_addr_t ram_limit; void *htab; long htab_size; target_phys_addr_t fdt_addr, rtas_addr; diff --git a/hw/spapr_hcall.c b/hw/spapr_hcall.c index f7ead04..70f853c 100644 --- a/hw/spapr_hcall.c +++ b/hw/spapr_hcall.c @@ -99,6 +99,8 @@ static target_ulong h_enter(CPUState *env, sPAPREnvironment *spapr, target_ulong pte_index = args[1]; target_ulong pteh = args[2]; target_ulong ptel = args[3]; + target_ulong page_shift = 12; + target_ulong raddr; target_ulong i; uint8_t *hpte; @@ -111,6 +113,7 @@ static target_ulong h_enter(CPUState *env, sPAPREnvironment *spapr, #endif if ((ptel & 0xff000) == 0) { /* 16M page */ + page_shift = 24; /* lowest AVA bit must be 0 for 16M pages */ if (pteh & 0x80) { return H_PARAMETER; 
@@ -120,12 +123,23 @@ static target_ulong h_enter(CPUState *env, sPAPREnvironment *spapr, } } - /* FIXME: bounds check the pa? */ + raddr = (ptel & HPTE_R_RPN) & ~((1ULL << page_shift) - 1); - /* Check WIMG */ - if ((ptel & HPTE_R_WIMG) != HPTE_R_M) { - return H_PARAMETER; + if (raddr < spapr->ram_limit) { + /* Regular RAM - should have WIMG=0010 */ + if ((ptel & HPTE_R_WIMG) != HPTE_R_M) { + return H_PARAMETER; + } + } else { + /* Looks like an IO address */ + /* FIXME: What WIMG combinations could be sensible for IO? + * For now we allow WIMG=010x, but are there others? */ + /* FIXME: Should we check against registered IO addresses? */ + if ((ptel & (HPTE_R_W | HPTE_R_I | HPTE_R_M)) != HPTE_R_I) { + return H_PARAMETER; + } } + pteh &= ~0x60ULL; if ((pte_index * HASH_PTE_SIZE_64) & ~env->htab_mask) {
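Review bot: in the ppc_spapr_init() hunk the same quantity is now passed under two names: qemu_ram_alloc() receives spapr->ram_limit while cpu_register_physical_memory() still receives ram_size. Use one of them in both calls, e.g. `cpu_register_physical_memory(0, spapr->ram_limit, ram_offset);`, so that a later change to how ram_limit is derived cannot leave the allocated RAM and the registered region out of step, since h_enter() now relies on ram_limit being exactly the end of registered RAM.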
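Review bot: the new `target_phys_addr_t ram_limit;` member in sPAPREnvironment has no comment saying what it bounds, yet the h_enter() hunk treats every real address at or above it as an IO address. A one-line comment on the field (e.g. `/* end of guest RAM; h_enter() treats real addresses >= this as IO */`) would record the contract the hypercall code depends on.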
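Review bot: the RAM/IO classification at `if (raddr < spapr->ram_limit)` in the h_enter() hunk tests only the page base, so a 16M page (page_shift = 24) whose base lies below ram_limit but whose end lies past it is validated as RAM (WIMG=0010) although its tail is outside the registered RAM region; ram_limit is ram_size, which need not be a multiple of 16M. Checking `raddr + (1ULL << page_shift) <= spapr->ram_limit` for the RAM case, and returning H_PARAMETER for a page that straddles the boundary, would close that gap and would also recover the intent of the `/* FIXME: bounds check the pa? */` comment this hunk removes. Separately, the added `pteh &= ~0x60ULL;` is not mentioned in the commit message and carries no comment naming which bits it clears; either add such a comment or split it into its own patch.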
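The RAM-versus-IO WIMG check the commit message describes, as an added stand-alone C model that is not part of this patch or of QEMU. It assumes the architected HPTE second-doubleword bit values (HPTE_R_RPN, HPTE_R_W/I/M/G) and the PAPR return codes H_SUCCESS/H_PARAMETER as written in the block; ram_limit and the PTE values are constructed. It goes beyond the patch in one respect: the second function also requires the whole page, not only its base, to lie within RAM, which is the case exercised by a 16M page that ends past ram_limit.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumed: architected HPTE second-doubleword layout (values not taken from
 * this patch). WIMG occupies bits 0x78; the RPN field starts at bit 12. */
#define HPTE_R_RPN   0x3ffffffffffff000ULL
#define HPTE_R_G     0x0000000000000008ULL
#define HPTE_R_M     0x0000000000000010ULL
#define HPTE_R_I     0x0000000000000020ULL
#define HPTE_R_W     0x0000000000000040ULL
#define HPTE_R_WIMG  0x0000000000000078ULL

/* Assumed PAPR hypercall return codes. */
#define H_SUCCESS    0
#define H_PARAMETER  (-4)

/* Real address of the page described by ptel: take the RPN field and clear
 * the bits below the page size (4K pages: shift 12, 16M pages: shift 24). */
static uint64_t hpte_real_addr(uint64_t ptel, unsigned page_shift)
{
    return (ptel & HPTE_R_RPN) & ~((1ULL << page_shift) - 1);
}

/* RAM mappings must be exactly WIMG=0010 (memory coherent, nothing else). */
static int ram_wimg_ok(uint64_t ptel)
{
    return (ptel & HPTE_R_WIMG) == HPTE_R_M;
}

/* IO mappings must be WIMG=010x: cache-inhibited, not write-through, not
 * coherent; the guarded bit is left to the guest. */
static int io_wimg_ok(uint64_t ptel)
{
    return (ptel & (HPTE_R_W | HPTE_R_I | HPTE_R_M)) == HPTE_R_I;
}

/* Classification as the patch does it: the page is RAM iff its base address
 * is below ram_limit. */
int wimg_check_base_only(uint64_t ptel, uint64_t ram_limit, unsigned page_shift)
{
    uint64_t raddr = hpte_real_addr(ptel, page_shift);

    if (raddr < ram_limit) {
        return ram_wimg_ok(ptel) ? H_SUCCESS : H_PARAMETER;
    }
    return io_wimg_ok(ptel) ? H_SUCCESS : H_PARAMETER;
}

/* Stricter variant (my design choice, not the patch's): the whole page must
 * lie on one side of ram_limit. A page that starts in RAM but ends past it
 * is neither a RAM nor an IO mapping and is rejected. */
int wimg_check_whole_page(uint64_t ptel, uint64_t ram_limit, unsigned page_shift)
{
    uint64_t raddr = hpte_real_addr(ptel, page_shift);
    uint64_t end = raddr + (1ULL << page_shift); /* no overflow: RPN < 2^62 */

    if (end <= ram_limit) {
        return ram_wimg_ok(ptel) ? H_SUCCESS : H_PARAMETER;
    }
    if (raddr >= ram_limit) {
        return io_wimg_ok(ptel) ? H_SUCCESS : H_PARAMETER;
    }
    return H_PARAMETER; /* straddles the end of RAM */
}

int main(void)
{
    /* Constructed: a guest with 120 MiB of RAM, which is not a multiple of
     * the 16M large-page size, and a 16M page based at 112 MiB. */
    uint64_t ram_limit = 120ULL << 20;
    uint64_t ptel = (112ULL << 20) | HPTE_R_M;

    printf("base-only check:  %d\n", wimg_check_base_only(ptel, ram_limit, 24));
    printf("whole-page check: %d\n", wimg_check_whole_page(ptel, ram_limit, 24));
    return 0;
}
```

The base-only check accepts the constructed 16M page as RAM because its base (112 MiB) is below the 120 MiB limit, while the whole-page variant rejects it because its last 8 MiB lie beyond the end of RAM. For plain 4K pages entirely inside RAM or entirely above it the two functions agree, including on the IO case where the G bit may be either value.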