From patchwork Tue Sep 4 23:14:35 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alistair Francis X-Patchwork-Id: 966115 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=nongnu.org (client-ip=208.118.235.17; helo=lists.gnu.org; envelope-from=qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=wdc.com Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=wdc.com header.i=@wdc.com header.b="pelygMJe"; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=sharedspace.onmicrosoft.com header.i=@sharedspace.onmicrosoft.com header.b="Pl48a+Sq"; dkim-atps=neutral Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 424jPw2LmPz9s7T for ; Wed, 5 Sep 2018 09:16:19 +1000 (AEST) Received: from localhost ([::1]:52969 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1fxKYS-00004q-3V for incoming@patchwork.ozlabs.org; Tue, 04 Sep 2018 19:16:16 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:57769) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1fxKXZ-0008Vp-4a for qemu-devel@nongnu.org; Tue, 04 Sep 2018 19:15:22 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1fxKXV-0001rR-75 for qemu-devel@nongnu.org; Tue, 04 Sep 2018 19:15:20 -0400 Received: from esa2.hgst.iphmx.com ([68.232.143.124]:27807) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1fxKXU-0001cF-Jb for qemu-devel@nongnu.org; Tue, 04 Sep 2018 19:15:16 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=wdc.com; i=@wdc.com; q=dns/txt; s=dkim.wdc.com; t=1536102965; x=1567638965; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version; bh=lwca9t1+nDg0F6GuVLYbWuIUyAMn+u2+4eXGZEUYqY8=; b=pelygMJedfKxbQgiAB1NN3q89o/fmRZEnk3cRpIiMBlLUHVT+gSuzLvJ HFDfRvVJSvX2ZrYm6vWfeUTOD3LYT/7VkafViKMbjaD3BCmmWDgRWL0NS nyp5rR0rv65afq9te7w9xkE0EPMClQJORGGFGxfTtjgtimaRVoFgz3afT OA9VETrnqu5+zMSfI/WDzRY99Bsg7jJfvI2DArFX+9kCwTiPsvZ49jSxB Uj+iiYNqx2T+XBrS2komtudXfNRsqMADMGxAJmExYWvKYrzwzUd4RKhOl WGyjE14xacLsImvNVGoxZuTpoiRl/W9KnyYxj6WGolEmwVYmlaPpjd453 w==; X-IronPort-AV: E=Sophos;i="5.53,330,1531756800"; d="scan'208";a="186541886" Received: from mail-dm3nam03lp0023.outbound.protection.outlook.com (HELO NAM03-DM3-obe.outbound.protection.outlook.com) ([207.46.163.23]) by ob1.hgst.iphmx.com with ESMTP; 05 Sep 2018 07:16:02 +0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sharedspace.onmicrosoft.com; s=selector1-wdc-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=YaZw2XM1x9YOL7GYhd4mphFT6b4jR0fzfWKQZA4ZGXk=; b=Pl48a+SqQ82tpLaGDj9ClSvtuF0p/1Y+y11gk9h2Vi7bs1pmgleqbhghWy2Pkzb2ViW7UdTlXQOKDzJ/11N+h05seIg8M+nO0EVZflC2EtaBDIuYaOsw6I/Qe9hX1mLO1d1KMVfs9iGvpp8DkjpWJwJ9PcK5Tc0O923yG5lfBnw= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=Alistair.Francis@wdc.com; Received: from risc6-mainframe.int.fusionio.com (199.255.44.171) by BN6PR04MB0389.namprd04.prod.outlook.com (2603:10b6:404:91::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1101.18; Tue, 4 Sep 2018 23:15:07 +0000 From: Alistair Francis To: qemu-devel@nongnu.org Date: Tue, 4 Sep 2018 16:14:35 -0700 Message-Id: <20180904231442.18932-3-alistair.francis@wdc.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20180904231442.18932-1-alistair.francis@wdc.com> References: <20180904231442.18932-1-alistair.francis@wdc.com> MIME-Version: 1.0 X-Originating-IP: [199.255.44.171] X-ClientProxiedBy: BYAPR07CA0023.namprd07.prod.outlook.com (2603:10b6:a02:bc::36) To BN6PR04MB0389.namprd04.prod.outlook.com (2603:10b6:404:91::18) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 4ea88342-8b95-4a11-f991-08d612bc4461 X-MS-Office365-Filtering-HT: Tenant X-Microsoft-Antispam: BCL:0; PCL:0; RULEID:(7020095)(4652040)(8989137)(4534165)(4627221)(201703031133081)(201702281549075)(8990107)(5600074)(711020)(4618075)(2017052603328)(7153060)(7193020); SRVR:BN6PR04MB0389; X-Microsoft-Exchange-Diagnostics: 1; BN6PR04MB0389; 3:NbFIP0IKlmNsxtGKvK3u7w40qOos1jxeC2YG9d5C8tLHdldLip9VaqJ40elKxkVwfxvPdBuf6k/V44qByD6OrbWqFVrmHsSfnn7iTrPyquzwdGMK/oyxqZ4HqScDR2rSu1v8CS/GXZB6tcllu7vXZt7lRCy11yOBpHF5RpbMVP0gQ1xVz2EzUE+3TQpBREkW8UfAehUPq2ww9cF/d9L8xjWfMK0iKyZjp2SyqeJGAsVFk9gIhR5t3WZsevRKtIRw; 25:f85VRZgMfpvy+6+0RDsDjdsvaA65fdRi+TFLJ4q8DY6hP/+7NhYuSLMbIm6VTC02XX2VW00pHiyeTvSsOY7phGrY2Uv2JFYBWz0hg1uGgFFsiWKCy6JsILo/DcdeCIK+JdcO0xGr2vfIAP63YeWxzjIQTx3Ri147Fouv0Lf17dXgvIHVUirXiKTB6zfSCEUjFBjvWBPNPshGnA0di/KvWiWSVFcIoIsmYusMOrnZ+/rXYKMVHtnZcTBB36CodMp8jM2zQR/WsyvEHec9RW1zxflNsXrwJNIYPzYHEikcUuEmzTL+vPxQdRpGI0LJ5v0dryCIZFiSJnp1Zofa8BdHAQ==; 31:jJKPbr3+mUM/FXfJtnrIP/d0KbdrSvWH+K194F1kDF+khw0s7/wUJtnJyWrTOa753T/+jQ1bwtsmMxOFlgeUjJPQ04c4p2n5LB8+dGNlo0jXbNBv2OI+TTSEonjlTi7ii9uIfC6PT3xp/BV/m3UaH57P6G9Q25k0XR6VPUpXLQdiTW0ZSBZ9jpybO+d5w41T98QnNKdMtFpQM4Ma1ug1QMp1clvpIeplr/+oy8p+Zyc= X-MS-TrafficTypeDiagnostic: BN6PR04MB0389: WDCIPOUTBOUND: EOP-TRUE X-Microsoft-Exchange-Diagnostics: 1; BN6PR04MB0389; 20:2t3CfclFYOV2hqMbdzOpYowlq4CJ6G812f8LxkRieOqQPojhLRyeytyEBwrWVIUHRULvy6S5ejCFjaypRi/nwhJDtG0RQ3ak8UQM4F6jAo2K9JCX0R99tNn68BkXNO42nIdaNUkp+TVvOYZjO967n8/VZzluvS1Eb06pSAK8yWKxhn/iHzfmjV+kl7Jsd/DASLiYrgKwXF0Z1cqsxsky+57DoENp3WXnEEzVtni8NUWc5KqjZ3rKQjqFg/umAJXEEqbOLfPY8f2vM5qPOJev9jO+Q9+B45ILCE8kuFD9lFMTNWhoEvrXmu4h4KAAYQ0fFNEyEeiKE2zpsh+2P/ARJo+XcuDEfOdXVPyyVBrmT+4kaM3CMUZbPmbAle1w0to+W6bD6dvqMadoAe9OGTviadVlN34ff2SKcMlSpl4LzCywc2TVcGYqgH9Cpm1pKjviA5rqlFkLTzRj5ZzoTTlEDpHxx2qYaek6mwsiJsb+IS6DPuioFo6XARA+r7Vpm1sN; 4:avBj/iyXmMX5oJaqWWSJci64hz1nbpPG2+IbV5GIT5Q7oj1NoGTdP6YJFNBxhE/vB0KGvQrmp1C6IpTjpG88+kls978MUuqnYMukk5c16IcV+N8Gj+lvwPtb6bEZwTPqT/9H7xr0z1R1bWgRgN2wiSN0qMce+u7/VnzALZfw3A87gtQ6byhQaYqfNDfhtYRtPqeptscrM8q6WHDX5KVr7daWw4CggjBwifpzHhi9wpRe1M8XIufcYHkLY+yF7XjUXlfD5LiCoznIC0UimbH3Kw== X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:; X-MS-Exchange-SenderADCheck: 1 X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(2401047)(8121501046)(5005006)(3231311)(944501410)(52105095)(3002001)(10201501046)(93006095)(93001095)(6055026)(149027)(150027)(6041310)(20161123564045)(20161123558120)(20161123562045)(20161123560045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(201708071742011)(7699016); SRVR:BN6PR04MB0389; BCL:0; PCL:0; RULEID:; SRVR:BN6PR04MB0389; X-Forefront-PRVS: 0785459C39 X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10019020)(39860400002)(376002)(136003)(346002)(396003)(366004)(199004)(189003)(6512007)(2906002)(486006)(51416003)(76176011)(4326008)(68736007)(5660300001)(2351001)(44832011)(6916009)(52116002)(6486002)(14444005)(97736004)(106356001)(6666003)(2361001)(105586002)(478600001)(36756003)(3846002)(1076002)(6116002)(386003)(8936002)(305945005)(11346002)(7736002)(25786009)(26005)(54906003)(81156014)(8676002)(2616005)(53936002)(316002)(50466002)(186003)(956004)(16586007)(66066001)(16526019)(50226002)(86362001)(81166006)(72206003)(446003)(476003)(47776003)(6506007)(48376002); DIR:OUT; SFP:1102; SCL:1; SRVR:BN6PR04MB0389; H:risc6-mainframe.int.fusionio.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1; X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; BN6PR04MB0389; 23:v45Hf6s4GX/uwP1oUJRn00argOSi8ERH0AHNv8+qo?= IJSy90SVbWaunRzuCpt9x8AmgLN971xLbmgSOOtp44+uHNzP0uus1UxvctCvjTNAQ3EcMKhgrIMdhUAodIVxk8xkBhen9c/ldrLOVzXCesopbTLaZV5rs8bsChXjsFb09J0pJKOEQXadzFwx3r1EnDr3W9Bh75qeK5no3sEcN9i+weMsyUABHdgSiWGgUWJekTptJz5aQ350Mo3tYDdW7wdRwlzrHgfLDsPwKNDYR/DcyPAGjpuMmNMjerVUGfk6r7cYNkDwgh5lxC60c3hMKEv6mj8w8FTaceWfEUUJKxlG6yRFvwi8TdFAm6m1gVHeuFh5ghJ2ilSDXwhw+NxcFQsvbMOlC1+zCxL38bj/G/7XVnplnwsfrij/bYkeX50yLnjcNotD+/xCNvRfjLIwG6LtQxs7uKWA060TyibibXmEhezpe5QWrc5KN9WNQF6xd9Sk5HUaPI5GlfCmqiYwkXTEsm0YxV2lgFn1+JyW2Rr5ex3IrkEK8+iGrleIrE4Xe7rizPPa9YkwYQbcEo+3W8jIP7ZmXr6yFuqjjc9uSXQvqk2gQKs8PVOrbPmay56dNyYaDQ8YdkPdGTKNj6ql9/aum59WVyJFzZFFSRrcHsqobAMwqTFBuXFsyvHJ/NINylr91K8KmTC/GZMvOeYLXCbIE/HnDML0LhCqvSJek37+GmDwATZeg0KRl0xzoR21+Tb5q6+B1u+YDG0ptlABMehS8ouwMrIIr/5L58O1VTNPgJARGq0OjhQFiZNiq1ps8/FgJMWRdEC/F+92MWhPVQ6dzeEE8QV8S6EJrgBwnEM3B0Mc/NUpxLsqSaFLWbvpsF9f1+NvJUiLqZuXuqmFMbAvbduy00T2bu8AgqKdgC4rQgTbHHj3KR0dRU0eoFnWFVfSJOWK03Xidn4u9US+sGyF+mtHm8nH6akEuQHxYNeWYH+vQSGMvVhf0/2Eeu4ERRuDvRXbi7WB/K5Fk7cD95yGdTohf1I1dZbG18jv+uXMI044M0WpgvxMVtXmMWGpZNj7EKixSvmstdPNkB4+eUtOki+sjKXdp4y/ppF7ejhhDCiI1ZXEdeYUs41ewvTSn80WGzVw9GvJAwpaPPq8QPIcSQoFkd30GziG6FWAW6StNrWV18pDuzblGdtr8ITzjikPSI1CcXfaN1l569v6nKUzngVccAzGIIHSjzS0QEQv5PGaAdB3R2hz8j/vP0j/JPYczJxBRKV3mvROgandXvMjKu1E69jWJalJki5s8CqElrb4ceObP35hGfEyDSNVlE= X-Microsoft-Antispam-Message-Info: Vl6pjoacf1nOH551Ll3ldVXAq0vBBDxr2xEblJUcw9hX3gofOw6D5ityRBLabrZcUbeJr0wm/0NmzWXS7yb2bVnSS6lUhouZ2C2/cD3z26KVesCRFH8eLoFLEKCgVUaOFQlABaPMBEsnMzjEJEuEO9OmZT565nkRrVH+S/Quzb63EWL9uDI1xgDhCScIsMpThUSHqTqxeD0ykSOuoYM7radntqKCbJiPASbN5Eyj1aEMSwc0FYR1iXismptrNwftgUJr05MqbPiqtjEmfIczg7lhLkOX07AqlmtdCXrCm5e+pvdFl1GXm/7GcYJgH+FJBfhbnJ5jH4alpKVFbAva/bfHy8Pn7AHfEQx32NNZkt4= X-Microsoft-Exchange-Diagnostics: 1; BN6PR04MB0389; 6:/E5H/rwuY+giAswcvbSf7ynqrff2LH93H8QoB+w6kgZwGkbOz0IGFWmLPIDNTymuMlGLNO7DMp8p7FB9V+NTw8M0fgbKrKzI08nbIE7MWohyp0PYXGPLE3t0ab8RS8+eyj96rAp5euXJysiS0j9TPXz+h4XrpQX1PEEVthcDhYN1DLMrYIhKdYcxXaCO1kTrO1X1mvkf8LTJGmjzTqNlo1oCIK3bCeGsBUlDgftnC1MmgvUfAEMlKKUB+zvwJ2MmhWaNWEBUqbg3sQdC71Fhi1Hoeb8vnlwrBm4dC3PjxP9Fm7XZE6rPSZ4kxHmjJ+8pvzUbKckBfIHCiupP5a86FnAFSpyaMlJM53EYckLZL24SmRAb6oQzhYtJaMoNlq68TTGRtTKH5l7+27SCrcD+87mqoZySrm+vg0pmiHd8hCYKkwJCwu/NxXGHHADXal4XtSJkMiRsqXaK2QNTVfh2LA==; 5:tTsDPqmffvh7ydmna5tsifRqlC2wdMYsxuD+6by2JzaDDVHRVsZqj+5N7QUPdJLQeyIXpLhu4HMlvg6Pj8KsKefAKfSnLkqZdnYA5Odrgu/WoWiT+PvneC9QES5N45rwdWPEK7BxIzMTo7OEG20+2HVxfrCmwz8roX3uv6lRtc0=; 7:R+uHikU17a+LbumIs6rQI5U2CyB56IuaQlvEyONHMwJQZKkMMfTfAPSIskjGuGpZtIExSrOyMpLydgUYBzkmqfExFTcwzVcdo48toVKTWsugDVEAr88Thb8E0ZRwNpODsNBzOreHFRuqsjArdjnMoblPtOuXX2YigblBpOzFxbBjZyU4Dva6C/y5+zey82QVg/aeevjsl+bjcbLmzipcSn+EhSNt5LjPlofWP6VqvV9nj10ebJaDkXo/fHnq3HAP SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-OriginatorOrg: wdc.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Sep 2018 23:15:07.3988 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 4ea88342-8b95-4a11-f991-08d612bc4461 X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: b61c8803-16f3-4c35-9b17-6f65f441df86 X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN6PR04MB0389 X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 68.232.143.124 Subject: [Qemu-devel] [PULL 2/9] RISC-V: Improve page table walker spec compliance X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Bastian Koppelmann , Alistair Francis , Michael Clark , Palmer Dabbelt , Sagar Karandikar Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: "Qemu-devel" From: Michael Clark - Inline PTE_TABLE check for better readability - Change access checks from ternary operator to if - Improve readibility of User page U mode and SUM test - Disallow non U mode from fetching from User pages - Add reserved PTE flag check: W or W|X - Add misaligned PPN check - Set READ protection for PTE X flag and mstatus.mxr - Use memory_region_is_ram in pte update Cc: Sagar Karandikar Cc: Bastian Koppelmann Cc: Palmer Dabbelt Cc: Alistair Francis Signed-off-by: Michael Clark Reviewed-by: Alistair Francis Signed-off-by: Alistair Francis --- target/riscv/cpu_bits.h | 2 -- target/riscv/helper.c | 64 +++++++++++++++++++++++++++++------------ 2 files changed, 45 insertions(+), 21 deletions(-) diff --git a/target/riscv/cpu_bits.h b/target/riscv/cpu_bits.h index 64aa097181..12b4757088 100644 --- a/target/riscv/cpu_bits.h +++ b/target/riscv/cpu_bits.h @@ -407,5 +407,3 @@ #define PTE_SOFT 0x300 /* Reserved for Software */ #define PTE_PPN_SHIFT 10 - -#define PTE_TABLE(PTE) (((PTE) & (PTE_V | PTE_R | PTE_W | PTE_X)) == PTE_V) diff --git a/target/riscv/helper.c b/target/riscv/helper.c index 29e1a603dc..1f0527e07f 100644 --- a/target/riscv/helper.c +++ b/target/riscv/helper.c @@ -185,16 +185,39 @@ restart: #endif target_ulong ppn = pte >> PTE_PPN_SHIFT; - if (PTE_TABLE(pte)) { /* next level of page table */ + if (!(pte & PTE_V)) { + /* Invalid PTE */ + return TRANSLATE_FAIL; + } else if (!(pte & (PTE_R | PTE_W | PTE_X))) { + /* Inner PTE, continue walking */ base = ppn << PGSHIFT; - } else if ((pte & PTE_U) ? (mode == PRV_S) && !sum : !(mode == PRV_S)) { - break; - } else if (!(pte & PTE_V) || (!(pte & PTE_R) && (pte & PTE_W))) { - break; - } else if (access_type == MMU_INST_FETCH ? !(pte & PTE_X) : - access_type == MMU_DATA_LOAD ? !(pte & PTE_R) && - !(mxr && (pte & PTE_X)) : !((pte & PTE_R) && (pte & PTE_W))) { - break; + } else if ((pte & (PTE_R | PTE_W | PTE_X)) == PTE_W) { + /* Reserved leaf PTE flags: PTE_W */ + return TRANSLATE_FAIL; + } else if ((pte & (PTE_R | PTE_W | PTE_X)) == (PTE_W | PTE_X)) { + /* Reserved leaf PTE flags: PTE_W + PTE_X */ + return TRANSLATE_FAIL; + } else if ((pte & PTE_U) && ((mode != PRV_U) && + (!sum || access_type == MMU_INST_FETCH))) { + /* User PTE flags when not U mode and mstatus.SUM is not set, + or the access type is an instruction fetch */ + return TRANSLATE_FAIL; + } else if (!(pte & PTE_U) && (mode != PRV_S)) { + /* Supervisor PTE flags when not S mode */ + return TRANSLATE_FAIL; + } else if (ppn & ((1ULL << ptshift) - 1)) { + /* Misaligned PPN */ + return TRANSLATE_FAIL; + } else if (access_type == MMU_DATA_LOAD && !((pte & PTE_R) || + ((pte & PTE_X) && mxr))) { + /* Read access check failed */ + return TRANSLATE_FAIL; + } else if (access_type == MMU_DATA_STORE && !(pte & PTE_W)) { + /* Write access check failed */ + return TRANSLATE_FAIL; + } else if (access_type == MMU_INST_FETCH && !(pte & PTE_X)) { + /* Fetch access check failed */ + return TRANSLATE_FAIL; } else { /* if necessary, set accessed and dirty bits. */ target_ulong updated_pte = pte | PTE_A | @@ -202,16 +225,19 @@ restart: /* Page table updates need to be atomic with MTTCG enabled */ if (updated_pte != pte) { - /* if accessed or dirty bits need updating, and the PTE is - * in RAM, then we do so atomically with a compare and swap. - * if the PTE is in IO space, then it can't be updated. - * if the PTE changed, then we must re-walk the page table - as the PTE is no longer valid */ + /* + * - if accessed or dirty bits need updating, and the PTE is + * in RAM, then we do so atomically with a compare and swap. + * - if the PTE is in IO space or ROM, then it can't be updated + * and we return TRANSLATE_FAIL. + * - if the PTE changed by the time we went to update it, then + * it is no longer valid and we must re-walk the page table. + */ MemoryRegion *mr; hwaddr l = sizeof(target_ulong), addr1; mr = address_space_translate(cs->as, pte_addr, &addr1, &l, false, MEMTXATTRS_UNSPECIFIED); - if (memory_access_is_direct(mr, true)) { + if (memory_region_is_ram(mr)) { target_ulong *pte_pa = qemu_map_ram_ptr(mr->ram_block, addr1); #if TCG_OVERSIZED_GUEST @@ -239,15 +265,15 @@ restart: target_ulong vpn = addr >> PGSHIFT; *physical = (ppn | (vpn & ((1L << ptshift) - 1))) << PGSHIFT; - if ((pte & PTE_R)) { + /* set permissions on the TLB entry */ + if ((pte & PTE_R) || ((pte & PTE_X) && mxr)) { *prot |= PAGE_READ; } if ((pte & PTE_X)) { *prot |= PAGE_EXEC; } - /* only add write permission on stores or if the page - is already dirty, so that we don't miss further - page table walks to update the dirty bit */ + /* add write permission on stores or if the page is already dirty, + so that we TLB miss on later writes to update the dirty bit */ if ((pte & PTE_W) && (access_type == MMU_DATA_STORE || (pte & PTE_D))) { *prot |= PAGE_WRITE;