Browse Source
Merge pull request #869 from scottj97/badgpa
Take guest page fault if guest PA out of bounds
pull/870/head
Andrew Waterman
4 years ago
committed by
GitHub
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with
53 additions and
48 deletions
-
riscv/mmu.cc
|
|
@ -267,9 +267,13 @@ reg_t mmu_t::s2xlate(reg_t gva, reg_t gpa, access_type type, access_type trap_ty |
|
|
if (vm.levels == 0) |
|
|
if (vm.levels == 0) |
|
|
return gpa; |
|
|
return gpa; |
|
|
|
|
|
|
|
|
|
|
|
int maxgpabits = vm.levels * vm.idxbits + vm.widenbits + PGSHIFT; |
|
|
|
|
|
reg_t maxgpa = (1ULL << maxgpabits) - 1; |
|
|
|
|
|
|
|
|
bool mxr = proc->state.sstatus->readvirt(false) & MSTATUS_MXR; |
|
|
bool mxr = proc->state.sstatus->readvirt(false) & MSTATUS_MXR; |
|
|
|
|
|
|
|
|
reg_t base = vm.ptbase; |
|
|
reg_t base = vm.ptbase; |
|
|
|
|
|
if ((gpa & ~maxgpa) == 0) { |
|
|
for (int i = vm.levels - 1; i >= 0; i--) { |
|
|
for (int i = vm.levels - 1; i >= 0; i--) { |
|
|
int ptshift = i * vm.idxbits; |
|
|
int ptshift = i * vm.idxbits; |
|
|
int idxbits = (i == (vm.levels - 1)) ? vm.idxbits + vm.widenbits : vm.idxbits; |
|
|
int idxbits = (i == (vm.levels - 1)) ? vm.idxbits + vm.widenbits : vm.idxbits; |
|
|
@ -328,6 +332,7 @@ reg_t mmu_t::s2xlate(reg_t gva, reg_t gpa, access_type type, access_type trap_ty |
|
|
return page_base | (gpa & page_mask); |
|
|
return page_base | (gpa & page_mask); |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
switch (trap_type) { |
|
|
switch (trap_type) { |
|
|
case FETCH: throw trap_instruction_guest_page_fault(gva, gpa >> 2, 0); |
|
|
case FETCH: throw trap_instruction_guest_page_fault(gva, gpa >> 2, 0); |
|
|
|
