[PULL,03/34] s390x/tcg: MVCL: Detect destructive overlaps

Message ID	20190919124115.11510-4-cohuck@redhat.com
State	New
Headers	show Return-Path: <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org> From: Cornelia Huck <cohuck@redhat.com> To: Peter Maydell <peter.maydell@linaro.org> Date: Thu, 19 Sep 2019 14:40:44 +0200 Message-Id: <20190919124115.11510-4-cohuck@redhat.com> In-Reply-To: <20190919124115.11510-1-cohuck@redhat.com> References: <20190919124115.11510-1-cohuck@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Subject: [Qemu-devel] [PULL 03/34] s390x/tcg: MVCL: Detect destructive overlaps Precedence: list Cc: qemu-s390x@nongnu.org, Richard Henderson <richard.henderson@linaro.org>, qemu-devel@nongnu.org, David Hildenbrand <david@redhat.com> Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: "Qemu-devel" <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>
Series	[PULL,01/34] s390x/tcg: Reset exception_index to -1 instead of 0 \| expand [PULL,01/34] s390x/tcg: Reset exception_index to -1 instead of 0 [PULL,02/34] s390x/tcg: MVCL: Zero out unused bits of address [PULL,03/34] s390x/tcg: MVCL: Detect destructive overlaps [PULL,04/34] s390x/tcg: MVCL: Process max 4k bytes at a time [PULL,05/34] s390x/tcg: MVC: Increment the length once [PULL,06/34] s390x/tcg: MVC: Use is_destructive_overlap() [PULL,07/34] s390x/tcg: MVPG: Check for specification exceptions [PULL,08/34] s390x/tcg: MVPG: Properly wrap the addresses [PULL,09/34] s390x/tcg: MVCLU/MVCLE: Process max 4k bytes at a time [PULL,10/34] s390x/tcg: MVCS/MVCP: Check for special operation exceptions [PULL,11/34] s390x/tcg: MVCOS: Lengths are 32 bit in 24/31-bit mode [PULL,12/34] s390x/tcg: MVCS/MVCP: Properly wrap the length [PULL,13/34] s390x/tcg: MVST: Check for specification exceptions [PULL,14/34] s390x/tcg: MVST: Fix storing back the addresses to registers [PULL,15/34] s390x/tcg: Always use MMU_USER_IDX for CONFIG_USER_ONLY [PULL,16/34] s390x/tcg: Fault-safe memset [PULL,17/34] s390x/tcg: Fault-safe memmove [PULL,18/34] s390x/tcg: MVCS/MVCP: Use access_memmove() [PULL,19/34] s390x/tcg: MVC: Fault-safe handling on destructive overlaps [PULL,20/34] s390x/tcg: MVCLU: Fault-safe handling [PULL,21/34] s390x/tcg: OC: Fault-safe handling [PULL,22/34] s390x/tcg: XC: Fault-safe handling [PULL,23/34] s390x/tcg: NC: Fault-safe handling [PULL,24/34] s390x/tcg: MVCIN: Fault-safe handling [PULL,25/34] s390x/tcg: MVN: Fault-safe handling [PULL,26/34] s390x/tcg: MVZ: Fault-safe handling [PULL,27/34] s390x/tcg: MVST: Fault-safe handling [PULL,28/34] s390x/tcg: MVO: Fault-safe handling [PULL,29/34] tests/tcg: target/s390x: Test MVO [PULL,30/34] pc-bios/s390-ccw: Do not pre-initialize empty array [PULL,31/34] pc-bios/s390-ccw/net: fix a possible memory leak in get_uuid() [PULL,33/34] s390x/kvm: Officially require at least kernel 3.15 [PULL,34/34] s390x/cpumodel: Add the z15 name to the description of gen15a

Message ID

20190919124115.11510-4-cohuck@redhat.com

State

New

Headers

From: Cornelia Huck <cohuck@redhat.com>
To: Peter Maydell <peter.maydell@linaro.org>
Date: Thu, 19 Sep 2019 14:40:44 +0200
Message-Id: <20190919124115.11510-4-cohuck@redhat.com>
In-Reply-To: <20190919124115.11510-1-cohuck@redhat.com>
References: <20190919124115.11510-1-cohuck@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Subject: [Qemu-devel] [PULL 03/34] s390x/tcg: MVCL: Detect destructive
	overlaps
Precedence: list
Cc: qemu-s390x@nongnu.org, Richard Henderson <richard.henderson@linaro.org>, 
	qemu-devel@nongnu.org, David Hildenbrand <david@redhat.com>
Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org
Sender: "Qemu-devel"
	<qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>

Series

[PULL,01/34] s390x/tcg: Reset exception_index to -1 instead of 0 | expand

Commit Message

Cornelia Huck Sept. 19, 2019, 12:40 p.m. UTC

From: David Hildenbrand <david@redhat.com>

We'll have to zero-out unused bit positions, so make sure to write the
addresses back.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Hildenbrand <david@redhat.com>
---
 target/s390x/mem_helper.c | 19 ++++++++++++++++++-
 1 file changed, 18 insertions(+), 1 deletion(-)

diff --git a/target/s390x/mem_helper.c b/target/s390x/mem_helper.c
index b02ad148e55b..223312a4b194 100644
--- a/target/s390x/mem_helper.c
+++ b/target/s390x/mem_helper.c
@@ -52,6 +52,19 @@  static inline bool psw_key_valid(CPUS390XState *env, uint8_t psw_key)
     return true;
 }
 
+static bool is_destructive_overlap(CPUS390XState *env, uint64_t dest,
+                                   uint64_t src, uint32_t len)
+{
+    if (!len || src == dest) {
+        return false;
+    }
+    /* Take care of wrapping at the end of address space. */
+    if (unlikely(wrap_address(env, src + len - 1) < src)) {
+        return dest > src || dest <= wrap_address(env, src + len - 1);
+    }
+    return dest > src && dest <= src + len - 1;
+}
+
 /* Reduce the length so that addr + len doesn't cross a page boundary.  */
 static inline uint32_t adj_len_to_page(uint32_t len, uint64_t addr)
 {
@@ -787,7 +800,11 @@  uint32_t HELPER(mvcl)(CPUS390XState *env, uint32_t r1, uint32_t r2)
     uint8_t pad = env->regs[r2 + 1] >> 24;
     uint32_t cc;
 
-    cc = do_mvcl(env, &dest, &destlen, &src, &srclen, pad, 1, ra);
+    if (is_destructive_overlap(env, dest, src, MIN(srclen, destlen))) {
+        cc = 3;
+    } else {
+        cc = do_mvcl(env, &dest, &destlen, &src, &srclen, pad, 1, ra);
+    }
 
     env->regs[r1 + 1] = deposit64(env->regs[r1 + 1], 0, 24, destlen);
     env->regs[r2 + 1] = deposit64(env->regs[r2 + 1], 0, 24, srclen);

[PULL,03/34] s390x/tcg: MVCL: Detect destructive overlaps

Commit Message

Patch