From patchwork Thu May 26 11:24:03 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Xiang W X-Patchwork-Id: 1635825 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: bilbo.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=MzQKmNLr; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=126.com header.i=@126.com header.a=rsa-sha256 header.s=s110527 header.b=IcyzCX0R; dkim-atps=neutral Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=opensbi-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by bilbo.ozlabs.org (Postfix) with ESMTPS id 4L85HY2bCTz9s75 for ; Thu, 26 May 2022 21:26:49 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:Message-Id:Date:Subject:Cc :To:From:Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References: List-Owner; bh=snacYDaGOuUOMdYCyjXYTLetMEafC+9wVKOtKEvIDXI=; b=MzQKmNLrhbxeN5 bTr/8NjQXxLKMcPf/lQTG08+/QuvoS4mgfctJWKu5Ku29lKdvmvRsEDviTHPMlDI6SFz2Gn37YrxI NGsLmpUEGFDjDQED2HARBrPlX0fz9EVu7CcmCO6XggnOVlCfzq9jCzgQTTOauiN6mBKbOyyLQGHl4 PzQpgD5Edkmcg2f5woOwzhAeY+szQc/CW7d+v5kcmFok8oHgvcUfKcc02fRf/N+kdvU+dScxlrWu5 iEA4tHD+tl64H4Qn1XlnC8cco/Om8Wx0Sw8bZ/jDjeCrwbuZ4SEFNUOhf7J3A/73wIfNkWseVYQD0 MljUp3uFFpDxCbcEi3CQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1nuBdM-00EdZz-Q7; Thu, 26 May 2022 11:26:28 +0000 Received: from mail-m965.mail.126.com ([123.126.96.5]) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1nuBbB-00EcaZ-87 for opensbi@lists.infradead.org; Thu, 26 May 2022 11:24:17 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=126.com; s=s110527; h=From:Subject:Date:Message-Id:MIME-Version; bh=q5EZV sR4tw0GN5ZVRm/Vpa1ILin7HStvMFvVCVCRpHs=; b=IcyzCX0RftbKMfLVsPSIh w2ZyPsca47Z7nnl2Sv/XeNARK/2SosgiyygSNWV1Cm6CcpfPfZbaoL1WBmPu4Noc UT/fUYo5IyFISlYSGXbKYmZJkjrSFHfiQ7vG+ihtqQgVfG6CNmhRoRIaWQPV1pAH 0lbhFM8fZwEkO3ONh1zjuA= Received: from x390.lan (unknown [210.22.74.70]) by smtp10 (Coremail) with SMTP id NuRpCgAHJq5WY49iYXbDCw--.38126S2; Thu, 26 May 2022 19:24:07 +0800 (CST) From: Xiang W To: opensbi@lists.infradead.org Cc: anup@brainfault.org, Xiang W Subject: [PATCH v3] lib: sbi: fix system_opcode_insn Date: Thu, 26 May 2022 19:24:03 +0800 Message-Id: <20220526112403.280401-1-wxjstz@126.com> X-Mailer: git-send-email 2.30.2 MIME-Version: 1.0 X-CM-TRANSID: NuRpCgAHJq5WY49iYXbDCw--.38126S2 X-Coremail-Antispam: 1Uf129KBjvJXoW7Kw1fuFyUCr4fAr1kGFWfZrb_yoW8GryrpF s8CFykG3y0qrykKa93Arna9rn5ta18GrWUAFyxAa9ayw4xGr95AFWrtr45tr95Wr47C3yj 9ayjyry8u343Z3DanT9S1TB71UUUUUUqnTZGkaVYY2UrUUUUjbIjqfuFe4nvWSU5nxnvy2 9KBjDUYxBIdaVFxhVjvjDU0xZFpf9x0pRewZwUUUUU= X-Originating-IP: [210.22.74.70] X-CM-SenderInfo: pz0m23b26rjloofrz/1tbi5BcNOlpEDo5OlAAAsA X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20220526_042413_721084_A988EFA8 X-CRM114-Status: UNSURE ( 8.66 ) X-CRM114-Notice: Please train this message. X-Spam-Score: -0.2 (/) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: If the csr's operation comes from M mode, it should not be forwarded to low-privilege processing, this patch fixes this problem. Signed-off-by: Xiang W --- Changes in v3: - move checking prev_mode before sbi_emulate_csr_read and return failure by Anup's suggestion Content analysis details: (-0.2 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [123.126.96.5 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider [wxjstz[at]126.com] -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain X-BeenThere: opensbi@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "opensbi" Errors-To: opensbi-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org If the csr's operation comes from M mode, it should not be forwarded to low-privilege processing, this patch fixes this problem. Signed-off-by: Xiang W Reviewed-by: Anup Patel --- Changes in v3: - move checking prev_mode before sbi_emulate_csr_read and return failure by Anup's suggestion Changes in v2: - add missing head file lib/sbi/sbi_illegal_insn.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/lib/sbi/sbi_illegal_insn.c b/lib/sbi/sbi_illegal_insn.c index bfe7d61..7976957 100644 --- a/lib/sbi/sbi_illegal_insn.c +++ b/lib/sbi/sbi_illegal_insn.c @@ -16,6 +16,7 @@ #include #include #include +#include typedef int (*illegal_insn_func)(ulong insn, struct sbi_trap_regs *regs); @@ -37,8 +38,14 @@ static int system_opcode_insn(ulong insn, struct sbi_trap_regs *regs) int do_write, rs1_num = (insn >> 15) & 0x1f; ulong rs1_val = GET_RS1(insn, regs); int csr_num = (u32)insn >> 20; + ulong prev_mode = (regs->mstatus & MSTATUS_MPP) >> MSTATUS_MPP_SHIFT; ulong csr_val, new_csr_val; + if (prev_mode == PRV_M) { + sbi_printf("%s: Unknown CSR %#x", __func__, csr_num); + return SBI_EFAIL; + } + /* TODO: Ensure that we got CSR read/write instruction */ if (sbi_emulate_csr_read(csr_num, regs, &csr_val))