Re: [PATCH v6 1/5] target/riscv: Add smstateen support
On Mon, 2022-07-25 at 15:11 +0800, Weiwei Li wrote: > 在 2022/7/24 下午11:39, Mayuresh Chitale 写道: > > On Fri, 2022-07-22 at 08:31 +0800, Weiwei Li wrote: > > > 在 2022/7/21 下午11:31, Mayuresh Chitale 写道: > > > > Smstateen extension specifies a mechanism to close > > > > the potential covert channels that could cause security issues. > > > > > > > > This patch adds the CSRs defined in the specification and > > > > the corresponding predicates and read/write functions. > > > > > > > > Signed-off-by: Mayuresh Chitale > > > > --- > > > >target/riscv/cpu.h | 4 + > > > >target/riscv/cpu_bits.h | 37 > > > >target/riscv/csr.c | 370 > > > > > > > >target/riscv/machine.c | 21 +++ > > > >4 files changed, 432 insertions(+) > > > > > > > > diff --git a/target/riscv/cpu.h b/target/riscv/cpu.h > > > > index ffb1a18873..7f8e5b0014 100644 > > > > --- a/target/riscv/cpu.h > > > > +++ b/target/riscv/cpu.h > > > > @@ -354,6 +354,9 @@ struct CPUArchState { > > > > > > > >/* CSRs for execution enviornment configuration */ > > > >uint64_t menvcfg; > > > > +uint64_t mstateen[SMSTATEEN_MAX_COUNT]; > > > > +uint64_t hstateen[SMSTATEEN_MAX_COUNT]; > > > > +uint64_t sstateen[SMSTATEEN_MAX_COUNT]; > > > >target_ulong senvcfg; > > > >uint64_t henvcfg; > > > >#endif > > > > @@ -426,6 +429,7 @@ struct RISCVCPUConfig { > > > >bool ext_zkt; > > > >bool ext_ifencei; > > > >bool ext_icsr; > > > > +bool ext_smstateen; > > > >bool ext_svinval; > > > >bool ext_svnapot; > > > >bool ext_svpbmt; > > > > diff --git a/target/riscv/cpu_bits.h b/target/riscv/cpu_bits.h > > > > index 6be5a9e9f0..56b7c5bed6 100644 > > > > --- a/target/riscv/cpu_bits.h > > > > +++ b/target/riscv/cpu_bits.h > > > > @@ -199,6 +199,12 @@ > > > >/* Supervisor Configuration CSRs */ > > > >#define CSR_SENVCFG 0x10A > > > > > > > > +/* Supervisor state CSRs */ > > > > +#define CSR_SSTATEEN0 0x10C > > > > +#define CSR_SSTATEEN1 0x10D > > > > +#define CSR_SSTATEEN2 0x10E > > > > +#define CSR_SSTATEEN3 0x10F > > > > + > > > >/* Supervisor Trap Handling */ > > > >#define CSR_SSCRATCH0x140 > > > >#define CSR_SEPC0x141 > > > > @@ -242,6 +248,16 @@ > > > >#define CSR_HENVCFG 0x60A > > > >#define CSR_HENVCFGH0x61A > > > > > > > > +/* Hypervisor state CSRs */ > > > > +#define CSR_HSTATEEN0 0x60C > > > > +#define CSR_HSTATEEN0H 0x61C > > > > +#define CSR_HSTATEEN1 0x60D > > > > +#define CSR_HSTATEEN1H 0x61D > > > > +#define CSR_HSTATEEN2 0x60E > > > > +#define CSR_HSTATEEN2H 0x61E > > > > +#define CSR_HSTATEEN3 0x60F > > > > +#define CSR_HSTATEEN3H 0x61F > > > > + > > > >/* Virtual CSRs */ > > > >#define CSR_VSSTATUS0x200 > > > >#define CSR_VSIE0x204 > > > > @@ -283,6 +299,27 @@ > > > >#define CSR_MENVCFG 0x30A > > > >#define CSR_MENVCFGH0x31A > > > > > > > > +/* Machine state CSRs */ > > > > +#define CSR_MSTATEEN0 0x30C > > > > +#define CSR_MSTATEEN0H 0x31C > > > > +#define CSR_MSTATEEN1 0x30D > > > > +#define CSR_MSTATEEN1H 0x31D > > > > +#define CSR_MSTATEEN2 0x30E > > > > +#define CSR_MSTATEEN2H 0x31E > > > > +#define CSR_MSTATEEN3 0x30F > > > > +#define CSR_MSTATEEN3H 0x31F > > > > + > > > > +/* Common defines for all smstateen */ > > > > +#define SMSTATEEN_MAX_COUNT 4 > > > > +#define SMSTATEEN0_CS (1ULL << 0) > > > > +#define SMSTATEEN0_FCSR (1ULL << 1) > > > > +#define SMSTATEEN0_HSCONTXT (1ULL << 57) > > > > +#define SMSTATEEN0_IMSIC(1ULL << 58) > > > > +#define SMSTATEEN0_AIA (1ULL << 59) > > > > +#define SMSTATEEN0_SVSLCT (1ULL << 60) > > > > +#define SMSTATEEN0_HSENVCFG (1ULL << 62) > > > > +#define SMSTATEEN_STATEN(1ULL << 63) > > > Maybe SMSTATEEN_STATEEN better. > > ok. Will update in the next version. > > > > + > > > >/* Enhanced Physical Memory Protection (ePMP) */ > > > >#define CSR_MSECCFG 0x747 > > > >#define CSR_MSECCFGH0x757 > > > > diff --git a/target/riscv/csr.c b/target/riscv/csr.c > > > > index 235f2a011e..27032a416c 100644 > > > > --- a/target/riscv/csr.c > > > > +++ b/target/riscv/csr.c > > > > @@ -339,6 +339,68 @@ static RISCVException > > > > hmode32(CPURISCVState > > > > *env, int csrno) > > > > > > > >} > > > > > > > > +static RISCVException mstateen(CPURISCVState *env, int csrno) > > > > +{ > > > > +CPUState *cs = env_cpu(env); > > > > +RISCVCPU *cpu = RISCV_CPU(cs); > > > > + > > > > +if (!cpu->cfg.ext_smstateen) { > > > > +return RISCV_EXCP_ILLEGAL_INST; > > > > +} > > > > + > > > > +return any(env, csrno); > > > > +} > > > > + > > > > +static RISCVException hstateen_pred(CPURISCVState *env, int > > > > csrno, > > > > int base) > >
Re: [PATCH v6 1/5] target/riscv: Add smstateen support
在 2022/7/24 下午11:39, Mayuresh Chitale 写道: On Fri, 2022-07-22 at 08:31 +0800, Weiwei Li wrote: 在 2022/7/21 下午11:31, Mayuresh Chitale 写道: Smstateen extension specifies a mechanism to close the potential covert channels that could cause security issues. This patch adds the CSRs defined in the specification and the corresponding predicates and read/write functions. Signed-off-by: Mayuresh Chitale --- target/riscv/cpu.h | 4 + target/riscv/cpu_bits.h | 37 target/riscv/csr.c | 370 target/riscv/machine.c | 21 +++ 4 files changed, 432 insertions(+) diff --git a/target/riscv/cpu.h b/target/riscv/cpu.h index ffb1a18873..7f8e5b0014 100644 --- a/target/riscv/cpu.h +++ b/target/riscv/cpu.h @@ -354,6 +354,9 @@ struct CPUArchState { /* CSRs for execution enviornment configuration */ uint64_t menvcfg; +uint64_t mstateen[SMSTATEEN_MAX_COUNT]; +uint64_t hstateen[SMSTATEEN_MAX_COUNT]; +uint64_t sstateen[SMSTATEEN_MAX_COUNT]; target_ulong senvcfg; uint64_t henvcfg; #endif @@ -426,6 +429,7 @@ struct RISCVCPUConfig { bool ext_zkt; bool ext_ifencei; bool ext_icsr; +bool ext_smstateen; bool ext_svinval; bool ext_svnapot; bool ext_svpbmt; diff --git a/target/riscv/cpu_bits.h b/target/riscv/cpu_bits.h index 6be5a9e9f0..56b7c5bed6 100644 --- a/target/riscv/cpu_bits.h +++ b/target/riscv/cpu_bits.h @@ -199,6 +199,12 @@ /* Supervisor Configuration CSRs */ #define CSR_SENVCFG 0x10A +/* Supervisor state CSRs */ +#define CSR_SSTATEEN0 0x10C +#define CSR_SSTATEEN1 0x10D +#define CSR_SSTATEEN2 0x10E +#define CSR_SSTATEEN3 0x10F + /* Supervisor Trap Handling */ #define CSR_SSCRATCH0x140 #define CSR_SEPC0x141 @@ -242,6 +248,16 @@ #define CSR_HENVCFG 0x60A #define CSR_HENVCFGH0x61A +/* Hypervisor state CSRs */ +#define CSR_HSTATEEN0 0x60C +#define CSR_HSTATEEN0H 0x61C +#define CSR_HSTATEEN1 0x60D +#define CSR_HSTATEEN1H 0x61D +#define CSR_HSTATEEN2 0x60E +#define CSR_HSTATEEN2H 0x61E +#define CSR_HSTATEEN3 0x60F +#define CSR_HSTATEEN3H 0x61F + /* Virtual CSRs */ #define CSR_VSSTATUS0x200 #define CSR_VSIE0x204 @@ -283,6 +299,27 @@ #define CSR_MENVCFG 0x30A #define CSR_MENVCFGH0x31A +/* Machine state CSRs */ +#define CSR_MSTATEEN0 0x30C +#define CSR_MSTATEEN0H 0x31C +#define CSR_MSTATEEN1 0x30D +#define CSR_MSTATEEN1H 0x31D +#define CSR_MSTATEEN2 0x30E +#define CSR_MSTATEEN2H 0x31E +#define CSR_MSTATEEN3 0x30F +#define CSR_MSTATEEN3H 0x31F + +/* Common defines for all smstateen */ +#define SMSTATEEN_MAX_COUNT 4 +#define SMSTATEEN0_CS (1ULL << 0) +#define SMSTATEEN0_FCSR (1ULL << 1) +#define SMSTATEEN0_HSCONTXT (1ULL << 57) +#define SMSTATEEN0_IMSIC(1ULL << 58) +#define SMSTATEEN0_AIA (1ULL << 59) +#define SMSTATEEN0_SVSLCT (1ULL << 60) +#define SMSTATEEN0_HSENVCFG (1ULL << 62) +#define SMSTATEEN_STATEN(1ULL << 63) Maybe SMSTATEEN_STATEEN better. ok. Will update in the next version. + /* Enhanced Physical Memory Protection (ePMP) */ #define CSR_MSECCFG 0x747 #define CSR_MSECCFGH0x757 diff --git a/target/riscv/csr.c b/target/riscv/csr.c index 235f2a011e..27032a416c 100644 --- a/target/riscv/csr.c +++ b/target/riscv/csr.c @@ -339,6 +339,68 @@ static RISCVException hmode32(CPURISCVState *env, int csrno) } +static RISCVException mstateen(CPURISCVState *env, int csrno) +{ +CPUState *cs = env_cpu(env); +RISCVCPU *cpu = RISCV_CPU(cs); + +if (!cpu->cfg.ext_smstateen) { +return RISCV_EXCP_ILLEGAL_INST; +} + +return any(env, csrno); +} + +static RISCVException hstateen_pred(CPURISCVState *env, int csrno, int base) +{ +CPUState *cs = env_cpu(env); +RISCVCPU *cpu = RISCV_CPU(cs); + +if (!cpu->cfg.ext_smstateen) { +return RISCV_EXCP_ILLEGAL_INST; +} + +if (!(env->mstateen[csrno - base] & SMSTATEEN_STATEN)) { +return RISCV_EXCP_ILLEGAL_INST; +} + +return hmode(env, csrno); +} + +static RISCVException hstateen(CPURISCVState *env, int csrno) +{ +return hstateen_pred(env, csrno, CSR_HSTATEEN0); +} + +static RISCVException hstateenh(CPURISCVState *env, int csrno) +{ +return hstateen_pred(env, csrno, CSR_HSTATEEN0H); +} + +static RISCVException sstateen(CPURISCVState *env, int csrno) +{ +bool virt = riscv_cpu_virt_enabled(env); +int index = csrno - CSR_SSTATEEN0; +CPUState *cs = env_cpu(env); +RISCVCPU *cpu = RISCV_CPU(cs); + +if (!cpu->cfg.ext_smstateen) { +return RISCV_EXCP_ILLEGAL_INST; +} + +if (!(env->mstateen[index] & SMSTATEEN_STATEN)) { +return RISCV_EXCP_ILLEGAL_INST; +} + +if (virt) { +if (!(env->hstateen[index] & SMSTATEEN_STATEN)) { +
Re: [PATCH v6 1/5] target/riscv: Add smstateen support
On Fri, 2022-07-22 at 08:31 +0800, Weiwei Li wrote: > 在 2022/7/21 下午11:31, Mayuresh Chitale 写道: > > Smstateen extension specifies a mechanism to close > > the potential covert channels that could cause security issues. > > > > This patch adds the CSRs defined in the specification and > > the corresponding predicates and read/write functions. > > > > Signed-off-by: Mayuresh Chitale > > --- > > target/riscv/cpu.h | 4 + > > target/riscv/cpu_bits.h | 37 > > target/riscv/csr.c | 370 > > > > target/riscv/machine.c | 21 +++ > > 4 files changed, 432 insertions(+) > > > > diff --git a/target/riscv/cpu.h b/target/riscv/cpu.h > > index ffb1a18873..7f8e5b0014 100644 > > --- a/target/riscv/cpu.h > > +++ b/target/riscv/cpu.h > > @@ -354,6 +354,9 @@ struct CPUArchState { > > > > /* CSRs for execution enviornment configuration */ > > uint64_t menvcfg; > > +uint64_t mstateen[SMSTATEEN_MAX_COUNT]; > > +uint64_t hstateen[SMSTATEEN_MAX_COUNT]; > > +uint64_t sstateen[SMSTATEEN_MAX_COUNT]; > > target_ulong senvcfg; > > uint64_t henvcfg; > > #endif > > @@ -426,6 +429,7 @@ struct RISCVCPUConfig { > > bool ext_zkt; > > bool ext_ifencei; > > bool ext_icsr; > > +bool ext_smstateen; > > bool ext_svinval; > > bool ext_svnapot; > > bool ext_svpbmt; > > diff --git a/target/riscv/cpu_bits.h b/target/riscv/cpu_bits.h > > index 6be5a9e9f0..56b7c5bed6 100644 > > --- a/target/riscv/cpu_bits.h > > +++ b/target/riscv/cpu_bits.h > > @@ -199,6 +199,12 @@ > > /* Supervisor Configuration CSRs */ > > #define CSR_SENVCFG 0x10A > > > > +/* Supervisor state CSRs */ > > +#define CSR_SSTATEEN0 0x10C > > +#define CSR_SSTATEEN1 0x10D > > +#define CSR_SSTATEEN2 0x10E > > +#define CSR_SSTATEEN3 0x10F > > + > > /* Supervisor Trap Handling */ > > #define CSR_SSCRATCH0x140 > > #define CSR_SEPC0x141 > > @@ -242,6 +248,16 @@ > > #define CSR_HENVCFG 0x60A > > #define CSR_HENVCFGH0x61A > > > > +/* Hypervisor state CSRs */ > > +#define CSR_HSTATEEN0 0x60C > > +#define CSR_HSTATEEN0H 0x61C > > +#define CSR_HSTATEEN1 0x60D > > +#define CSR_HSTATEEN1H 0x61D > > +#define CSR_HSTATEEN2 0x60E > > +#define CSR_HSTATEEN2H 0x61E > > +#define CSR_HSTATEEN3 0x60F > > +#define CSR_HSTATEEN3H 0x61F > > + > > /* Virtual CSRs */ > > #define CSR_VSSTATUS0x200 > > #define CSR_VSIE0x204 > > @@ -283,6 +299,27 @@ > > #define CSR_MENVCFG 0x30A > > #define CSR_MENVCFGH0x31A > > > > +/* Machine state CSRs */ > > +#define CSR_MSTATEEN0 0x30C > > +#define CSR_MSTATEEN0H 0x31C > > +#define CSR_MSTATEEN1 0x30D > > +#define CSR_MSTATEEN1H 0x31D > > +#define CSR_MSTATEEN2 0x30E > > +#define CSR_MSTATEEN2H 0x31E > > +#define CSR_MSTATEEN3 0x30F > > +#define CSR_MSTATEEN3H 0x31F > > + > > +/* Common defines for all smstateen */ > > +#define SMSTATEEN_MAX_COUNT 4 > > +#define SMSTATEEN0_CS (1ULL << 0) > > +#define SMSTATEEN0_FCSR (1ULL << 1) > > +#define SMSTATEEN0_HSCONTXT (1ULL << 57) > > +#define SMSTATEEN0_IMSIC(1ULL << 58) > > +#define SMSTATEEN0_AIA (1ULL << 59) > > +#define SMSTATEEN0_SVSLCT (1ULL << 60) > > +#define SMSTATEEN0_HSENVCFG (1ULL << 62) > > +#define SMSTATEEN_STATEN(1ULL << 63) > Maybe SMSTATEEN_STATEEN better. ok. Will update in the next version. > > + > > /* Enhanced Physical Memory Protection (ePMP) */ > > #define CSR_MSECCFG 0x747 > > #define CSR_MSECCFGH0x757 > > diff --git a/target/riscv/csr.c b/target/riscv/csr.c > > index 235f2a011e..27032a416c 100644 > > --- a/target/riscv/csr.c > > +++ b/target/riscv/csr.c > > @@ -339,6 +339,68 @@ static RISCVException hmode32(CPURISCVState > > *env, int csrno) > > > > } > > > > +static RISCVException mstateen(CPURISCVState *env, int csrno) > > +{ > > +CPUState *cs = env_cpu(env); > > +RISCVCPU *cpu = RISCV_CPU(cs); > > + > > +if (!cpu->cfg.ext_smstateen) { > > +return RISCV_EXCP_ILLEGAL_INST; > > +} > > + > > +return any(env, csrno); > > +} > > + > > +static RISCVException hstateen_pred(CPURISCVState *env, int csrno, > > int base) > > +{ > > +CPUState *cs = env_cpu(env); > > +RISCVCPU *cpu = RISCV_CPU(cs); > > + > > +if (!cpu->cfg.ext_smstateen) { > > +return RISCV_EXCP_ILLEGAL_INST; > > +} > > + > > +if (!(env->mstateen[csrno - base] & SMSTATEEN_STATEN)) { > > +return RISCV_EXCP_ILLEGAL_INST; > > +} > > + > > +return hmode(env, csrno); > > +} > > + > > +static RISCVException hstateen(CPURISCVState *env, int csrno) > > +{ > > +return hstateen_pred(env, csrno, CSR_HSTATEEN0); > > +} > > + > > +static RISCVException hstateenh(CPURISCVState *env, int csrno) > > +{ > > +return hstateen_pred(env, csrno, CSR_HSTATEEN0H); > > +} >
Re: [PATCH v6 1/5] target/riscv: Add smstateen support
在 2022/7/21 下午11:31, Mayuresh Chitale 写道: Smstateen extension specifies a mechanism to close the potential covert channels that could cause security issues. This patch adds the CSRs defined in the specification and the corresponding predicates and read/write functions. Signed-off-by: Mayuresh Chitale --- target/riscv/cpu.h | 4 + target/riscv/cpu_bits.h | 37 target/riscv/csr.c | 370 target/riscv/machine.c | 21 +++ 4 files changed, 432 insertions(+) diff --git a/target/riscv/cpu.h b/target/riscv/cpu.h index ffb1a18873..7f8e5b0014 100644 --- a/target/riscv/cpu.h +++ b/target/riscv/cpu.h @@ -354,6 +354,9 @@ struct CPUArchState { /* CSRs for execution enviornment configuration */ uint64_t menvcfg; +uint64_t mstateen[SMSTATEEN_MAX_COUNT]; +uint64_t hstateen[SMSTATEEN_MAX_COUNT]; +uint64_t sstateen[SMSTATEEN_MAX_COUNT]; target_ulong senvcfg; uint64_t henvcfg; #endif @@ -426,6 +429,7 @@ struct RISCVCPUConfig { bool ext_zkt; bool ext_ifencei; bool ext_icsr; +bool ext_smstateen; bool ext_svinval; bool ext_svnapot; bool ext_svpbmt; diff --git a/target/riscv/cpu_bits.h b/target/riscv/cpu_bits.h index 6be5a9e9f0..56b7c5bed6 100644 --- a/target/riscv/cpu_bits.h +++ b/target/riscv/cpu_bits.h @@ -199,6 +199,12 @@ /* Supervisor Configuration CSRs */ #define CSR_SENVCFG 0x10A +/* Supervisor state CSRs */ +#define CSR_SSTATEEN0 0x10C +#define CSR_SSTATEEN1 0x10D +#define CSR_SSTATEEN2 0x10E +#define CSR_SSTATEEN3 0x10F + /* Supervisor Trap Handling */ #define CSR_SSCRATCH0x140 #define CSR_SEPC0x141 @@ -242,6 +248,16 @@ #define CSR_HENVCFG 0x60A #define CSR_HENVCFGH0x61A +/* Hypervisor state CSRs */ +#define CSR_HSTATEEN0 0x60C +#define CSR_HSTATEEN0H 0x61C +#define CSR_HSTATEEN1 0x60D +#define CSR_HSTATEEN1H 0x61D +#define CSR_HSTATEEN2 0x60E +#define CSR_HSTATEEN2H 0x61E +#define CSR_HSTATEEN3 0x60F +#define CSR_HSTATEEN3H 0x61F + /* Virtual CSRs */ #define CSR_VSSTATUS0x200 #define CSR_VSIE0x204 @@ -283,6 +299,27 @@ #define CSR_MENVCFG 0x30A #define CSR_MENVCFGH0x31A +/* Machine state CSRs */ +#define CSR_MSTATEEN0 0x30C +#define CSR_MSTATEEN0H 0x31C +#define CSR_MSTATEEN1 0x30D +#define CSR_MSTATEEN1H 0x31D +#define CSR_MSTATEEN2 0x30E +#define CSR_MSTATEEN2H 0x31E +#define CSR_MSTATEEN3 0x30F +#define CSR_MSTATEEN3H 0x31F + +/* Common defines for all smstateen */ +#define SMSTATEEN_MAX_COUNT 4 +#define SMSTATEEN0_CS (1ULL << 0) +#define SMSTATEEN0_FCSR (1ULL << 1) +#define SMSTATEEN0_HSCONTXT (1ULL << 57) +#define SMSTATEEN0_IMSIC(1ULL << 58) +#define SMSTATEEN0_AIA (1ULL << 59) +#define SMSTATEEN0_SVSLCT (1ULL << 60) +#define SMSTATEEN0_HSENVCFG (1ULL << 62) +#define SMSTATEEN_STATEN(1ULL << 63) Maybe SMSTATEEN_STATEEN better. + /* Enhanced Physical Memory Protection (ePMP) */ #define CSR_MSECCFG 0x747 #define CSR_MSECCFGH0x757 diff --git a/target/riscv/csr.c b/target/riscv/csr.c index 235f2a011e..27032a416c 100644 --- a/target/riscv/csr.c +++ b/target/riscv/csr.c @@ -339,6 +339,68 @@ static RISCVException hmode32(CPURISCVState *env, int csrno) } +static RISCVException mstateen(CPURISCVState *env, int csrno) +{ +CPUState *cs = env_cpu(env); +RISCVCPU *cpu = RISCV_CPU(cs); + +if (!cpu->cfg.ext_smstateen) { +return RISCV_EXCP_ILLEGAL_INST; +} + +return any(env, csrno); +} + +static RISCVException hstateen_pred(CPURISCVState *env, int csrno, int base) +{ +CPUState *cs = env_cpu(env); +RISCVCPU *cpu = RISCV_CPU(cs); + +if (!cpu->cfg.ext_smstateen) { +return RISCV_EXCP_ILLEGAL_INST; +} + +if (!(env->mstateen[csrno - base] & SMSTATEEN_STATEN)) { +return RISCV_EXCP_ILLEGAL_INST; +} + +return hmode(env, csrno); +} + +static RISCVException hstateen(CPURISCVState *env, int csrno) +{ +return hstateen_pred(env, csrno, CSR_HSTATEEN0); +} + +static RISCVException hstateenh(CPURISCVState *env, int csrno) +{ +return hstateen_pred(env, csrno, CSR_HSTATEEN0H); +} + +static RISCVException sstateen(CPURISCVState *env, int csrno) +{ +bool virt = riscv_cpu_virt_enabled(env); +int index = csrno - CSR_SSTATEEN0; +CPUState *cs = env_cpu(env); +RISCVCPU *cpu = RISCV_CPU(cs); + +if (!cpu->cfg.ext_smstateen) { +return RISCV_EXCP_ILLEGAL_INST; +} + +if (!(env->mstateen[index] & SMSTATEEN_STATEN)) { +return RISCV_EXCP_ILLEGAL_INST; +} + +if (virt) { +if (!(env->hstateen[index] & SMSTATEEN_STATEN)) { +return RISCV_EXCP_VIRT_INSTRUCTION_FAULT; +} +} + +return smode(env, csrno); +} + /* Checks if PointerMasking registers could be accessed */
[PATCH v6 1/5] target/riscv: Add smstateen support
Smstateen extension specifies a mechanism to close the potential covert channels that could cause security issues. This patch adds the CSRs defined in the specification and the corresponding predicates and read/write functions. Signed-off-by: Mayuresh Chitale --- target/riscv/cpu.h | 4 + target/riscv/cpu_bits.h | 37 target/riscv/csr.c | 370 target/riscv/machine.c | 21 +++ 4 files changed, 432 insertions(+) diff --git a/target/riscv/cpu.h b/target/riscv/cpu.h index ffb1a18873..7f8e5b0014 100644 --- a/target/riscv/cpu.h +++ b/target/riscv/cpu.h @@ -354,6 +354,9 @@ struct CPUArchState { /* CSRs for execution enviornment configuration */ uint64_t menvcfg; +uint64_t mstateen[SMSTATEEN_MAX_COUNT]; +uint64_t hstateen[SMSTATEEN_MAX_COUNT]; +uint64_t sstateen[SMSTATEEN_MAX_COUNT]; target_ulong senvcfg; uint64_t henvcfg; #endif @@ -426,6 +429,7 @@ struct RISCVCPUConfig { bool ext_zkt; bool ext_ifencei; bool ext_icsr; +bool ext_smstateen; bool ext_svinval; bool ext_svnapot; bool ext_svpbmt; diff --git a/target/riscv/cpu_bits.h b/target/riscv/cpu_bits.h index 6be5a9e9f0..56b7c5bed6 100644 --- a/target/riscv/cpu_bits.h +++ b/target/riscv/cpu_bits.h @@ -199,6 +199,12 @@ /* Supervisor Configuration CSRs */ #define CSR_SENVCFG 0x10A +/* Supervisor state CSRs */ +#define CSR_SSTATEEN0 0x10C +#define CSR_SSTATEEN1 0x10D +#define CSR_SSTATEEN2 0x10E +#define CSR_SSTATEEN3 0x10F + /* Supervisor Trap Handling */ #define CSR_SSCRATCH0x140 #define CSR_SEPC0x141 @@ -242,6 +248,16 @@ #define CSR_HENVCFG 0x60A #define CSR_HENVCFGH0x61A +/* Hypervisor state CSRs */ +#define CSR_HSTATEEN0 0x60C +#define CSR_HSTATEEN0H 0x61C +#define CSR_HSTATEEN1 0x60D +#define CSR_HSTATEEN1H 0x61D +#define CSR_HSTATEEN2 0x60E +#define CSR_HSTATEEN2H 0x61E +#define CSR_HSTATEEN3 0x60F +#define CSR_HSTATEEN3H 0x61F + /* Virtual CSRs */ #define CSR_VSSTATUS0x200 #define CSR_VSIE0x204 @@ -283,6 +299,27 @@ #define CSR_MENVCFG 0x30A #define CSR_MENVCFGH0x31A +/* Machine state CSRs */ +#define CSR_MSTATEEN0 0x30C +#define CSR_MSTATEEN0H 0x31C +#define CSR_MSTATEEN1 0x30D +#define CSR_MSTATEEN1H 0x31D +#define CSR_MSTATEEN2 0x30E +#define CSR_MSTATEEN2H 0x31E +#define CSR_MSTATEEN3 0x30F +#define CSR_MSTATEEN3H 0x31F + +/* Common defines for all smstateen */ +#define SMSTATEEN_MAX_COUNT 4 +#define SMSTATEEN0_CS (1ULL << 0) +#define SMSTATEEN0_FCSR (1ULL << 1) +#define SMSTATEEN0_HSCONTXT (1ULL << 57) +#define SMSTATEEN0_IMSIC(1ULL << 58) +#define SMSTATEEN0_AIA (1ULL << 59) +#define SMSTATEEN0_SVSLCT (1ULL << 60) +#define SMSTATEEN0_HSENVCFG (1ULL << 62) +#define SMSTATEEN_STATEN(1ULL << 63) + /* Enhanced Physical Memory Protection (ePMP) */ #define CSR_MSECCFG 0x747 #define CSR_MSECCFGH0x757 diff --git a/target/riscv/csr.c b/target/riscv/csr.c index 235f2a011e..27032a416c 100644 --- a/target/riscv/csr.c +++ b/target/riscv/csr.c @@ -339,6 +339,68 @@ static RISCVException hmode32(CPURISCVState *env, int csrno) } +static RISCVException mstateen(CPURISCVState *env, int csrno) +{ +CPUState *cs = env_cpu(env); +RISCVCPU *cpu = RISCV_CPU(cs); + +if (!cpu->cfg.ext_smstateen) { +return RISCV_EXCP_ILLEGAL_INST; +} + +return any(env, csrno); +} + +static RISCVException hstateen_pred(CPURISCVState *env, int csrno, int base) +{ +CPUState *cs = env_cpu(env); +RISCVCPU *cpu = RISCV_CPU(cs); + +if (!cpu->cfg.ext_smstateen) { +return RISCV_EXCP_ILLEGAL_INST; +} + +if (!(env->mstateen[csrno - base] & SMSTATEEN_STATEN)) { +return RISCV_EXCP_ILLEGAL_INST; +} + +return hmode(env, csrno); +} + +static RISCVException hstateen(CPURISCVState *env, int csrno) +{ +return hstateen_pred(env, csrno, CSR_HSTATEEN0); +} + +static RISCVException hstateenh(CPURISCVState *env, int csrno) +{ +return hstateen_pred(env, csrno, CSR_HSTATEEN0H); +} + +static RISCVException sstateen(CPURISCVState *env, int csrno) +{ +bool virt = riscv_cpu_virt_enabled(env); +int index = csrno - CSR_SSTATEEN0; +CPUState *cs = env_cpu(env); +RISCVCPU *cpu = RISCV_CPU(cs); + +if (!cpu->cfg.ext_smstateen) { +return RISCV_EXCP_ILLEGAL_INST; +} + +if (!(env->mstateen[index] & SMSTATEEN_STATEN)) { +return RISCV_EXCP_ILLEGAL_INST; +} + +if (virt) { +if (!(env->hstateen[index] & SMSTATEEN_STATEN)) { +return RISCV_EXCP_VIRT_INSTRUCTION_FAULT; +} +} + +return smode(env, csrno); +} + /* Checks if PointerMasking registers could be accessed */ static RISCVException pointer_masking(CPURISCVState *env, int csrno) { @@ -1699,6 +1761,263 @@ static RISCVException