From: Hesham Almatary <hesham.almat...@cl.cam.ac.uk> The PMP should be checked when doing a page table walk, and report access fault exception if the to-be-read PTE failed the PMP check.
Suggested-by: Jonathan Behrens <finte...@gmail.com> Signed-off-by: Hesham Almatary <hesham.almat...@cl.cam.ac.uk> Reviewed-by: Palmer Dabbelt <pal...@sifive.com> Signed-off-by: Palmer Dabbelt <pal...@sifive.com> --- target/riscv/cpu.h | 1 + target/riscv/cpu_helper.c | 10 +++++++++- 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/target/riscv/cpu.h b/target/riscv/cpu.h index 2e743312536b..934b71c85e13 100644 --- a/target/riscv/cpu.h +++ b/target/riscv/cpu.h @@ -81,6 +81,7 @@ enum { #define PRIV_VERSION_1_09_1 0x00010901 #define PRIV_VERSION_1_10_0 0x00011000 +#define TRANSLATE_PMP_FAIL 2 #define TRANSLATE_FAIL 1 #define TRANSLATE_SUCCESS 0 #define MMU_USER_IDX 3 diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c index 71b8123b1019..66be83210f11 100644 --- a/target/riscv/cpu_helper.c +++ b/target/riscv/cpu_helper.c @@ -230,6 +230,12 @@ restart: /* check that physical address of PTE is legal */ target_ulong pte_addr = base + idx * ptesize; + + if (riscv_feature(env, RISCV_FEATURE_PMP) && + !pmp_hart_has_privs(env, pte_addr, sizeof(target_ulong), + 1 << MMU_DATA_LOAD, PRV_S)) { + return TRANSLATE_PMP_FAIL; + } #if defined(TARGET_RISCV32) target_ulong pte = ldl_phys(cs->as, pte_addr); #elif defined(TARGET_RISCV64) @@ -448,8 +454,10 @@ bool riscv_cpu_tlb_fill(CPUState *cs, vaddr address, int size, (ret == TRANSLATE_SUCCESS) && !pmp_hart_has_privs(env, pa, TARGET_PAGE_SIZE, 1 << access_type, mode)) { + ret = TRANSLATE_PMP_FAIL; + } + if (ret == TRANSLATE_PMP_FAIL) { pmp_violation = true; - ret = TRANSLATE_FAIL; } if (ret == TRANSLATE_SUCCESS) { tlb_set_page(cs, address & TARGET_PAGE_MASK, pa & TARGET_PAGE_MASK, -- 2.21.0