[v2,49/50] target/i386: Move helper_check_io to sysemu

Message ID	20210514151342.384376-50-richard.henderson@linaro.org
State	New
Headers	show Delivered-To: patch@linaro.org Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; From: Richard Henderson <richard.henderson@linaro.org> To: qemu-devel@nongnu.org Subject: [PATCH v2 49/50] target/i386: Move helper_check_io to sysemu Date: Fri, 14 May 2021 10:13:41 -0500 Message-Id: <20210514151342.384376-50-richard.henderson@linaro.org> In-Reply-To: <20210514151342.384376-1-richard.henderson@linaro.org> References: <20210514151342.384376-1-richard.henderson@linaro.org> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Received-SPF: pass client-ip=2607:f8b0:4864:20::72f; envelope-from=richard.henderson@linaro.org; helo=mail-qk1-x72f.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action Precedence: list Cc: pbonzini@redhat.com, f4bug@amsat.org, ehabkost@redhat.com, cfontana@suse.de Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: "Qemu-devel" <qemu-devel-bounces+patch=linaro.org@nongnu.org>
Series	target/i386 translate cleanups \| expand [v2,00/50] target/i386 translate cleanups [v2,01/50] target/i386: Split out gen_exception_gpf [v2,02/50] target/i386: Split out check_cpl0 [v2,03/50] target/i386: Unify code paths for IRET [v2,04/50] target/i386: Split out check_vm86_iopl [v2,05/50] target/i386: Split out check_iopl [v2,06/50] target/i386: Assert PE is set for user-only [v2,07/50] target/i386: Assert CPL is 3 for user-only [v2,08/50] target/i386: Assert IOPL is 0 for user-only [v2,09/50] target/i386: Assert !VM86 for x86_64 user-only [v2,10/50] target/i386: Assert CODE32 for x86_64 user-only [v2,11/50] target/i386: Assert SS32 for x86_64 user-only [v2,12/50] target/i386: Assert CODE64 for x86_64 user-only [v2,13/50] target/i386: Assert LMA for x86_64 user-only [v2,14/50] target/i386: Assert !ADDSEG for x86_64 user-only [v2,15/50] target/i386: Introduce REX_PREFIX [v2,16/50] target/i386: Tidy REX_B, REX_X definition [v2,17/50] target/i386: Move rex_r into DisasContext [v2,18/50] target/i386: Move rex_w into DisasContext [v2,19/50] target/i386: Remove DisasContext.f_st as unused [v2,20/50] target/i386: Reduce DisasContext.flags to uint32_t [v2,21/50] target/i386: Reduce DisasContext.override to int8_t [v2,22/50] target/i386: Reduce DisasContext.prefix to uint8_t [v2,23/50] target/i386: Reduce DisasContext.vex_[lv] to uint8_t [v2,24/50] target/i386: Reduce DisasContext popl_esp_hack and rip_offset to uint8_t [v2,25/50] target/i386: Leave TF in DisasContext.flags [v2,26/50] target/i386: Reduce DisasContext jmp_opt, repz_opt to bool [v2,27/50] target/i386: Fix the comment for repz_opt [v2,28/50] target/i386: Reorder DisasContext members [v2,29/50] target/i386: Add stub generator for helper_set_dr [v2,30/50] target/i386: Assert !SVME for user-only [v2,31/50] target/i386: Assert !GUEST for user-only [v2,32/50] target/i386: Implement skinit in translate.c [v2,33/50] target/i386: Eliminate SVM helpers for user-only [v2,34/50] target/i386: Mark some helpers as noreturn [v2,35/50] target/i386: Simplify gen_debug usage [v2,36/50] target/i386: Tidy svm_check_intercept from tcg [v2,37/50] target/i386: Remove pc_start argument to gen_svm_check_intercept [v2,38/50] target/i386: Remove user stub for cpu_vmexit [v2,39/50] target/i386: Cleanup read_crN, write_crN, lmsw [v2,40/50] target/i386: Pass env to do_pause and do_hlt [v2,41/50] target/i386: Move invlpg, hlt, monitor, mwait to sysemu [v2,42/50] target/i386: Unify invlpg, invlpga [v2,43/50] target/i386: Inline user cpu_svm_check_intercept_param [v2,44/50] target/i386: Eliminate user stubs for read/write_crN, rd/wrmsr [v2,45/50] target/i386: Exit tb after wrmsr [v2,46/50] target/i386: Tidy gen_check_io [v2,47/50] target/i386: Pass in port to gen_check_io [v2,48/50] target/i386: Create helper_check_io [v2,49/50] target/i386: Move helper_check_io to sysemu [v2,50/50] target/i386: Remove user-only i/o stubs

Message ID

20210514151342.384376-50-richard.henderson@linaro.org

State

New

Headers

Received-SPF: pass (google.com: domain of
	qemu-devel-bounces+patch=linaro.org@nongnu.org designates
	209.51.188.17 as permitted sender) client-ip=209.51.188.17; 
From: Richard Henderson <richard.henderson@linaro.org>
To: qemu-devel@nongnu.org
Subject: [PATCH v2 49/50] target/i386: Move helper_check_io to sysemu
Date: Fri, 14 May 2021 10:13:41 -0500
Message-Id: <20210514151342.384376-50-richard.henderson@linaro.org>
In-Reply-To: <20210514151342.384376-1-richard.henderson@linaro.org>
References: <20210514151342.384376-1-richard.henderson@linaro.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Received-SPF: pass client-ip=2607:f8b0:4864:20::72f;
	envelope-from=richard.henderson@linaro.org;
	helo=mail-qk1-x72f.google.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
	DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
	RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001,
	SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Cc: pbonzini@redhat.com, f4bug@amsat.org, ehabkost@redhat.com,
	cfontana@suse.de
Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org
Sender: "Qemu-devel" <qemu-devel-bounces+patch=linaro.org@nongnu.org>

Series

target/i386 translate cleanups | expand

Commit Message

Richard Henderson May 14, 2021, 3:13 p.m. UTC

The we never allow i/o from user-only, and the tss check
that helper_check_io does will always fail.  Use an ifdef
within gen_check_io and return false, indicating that an
exception is known to be raised.

Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

---
 target/i386/helper.h                |  2 +-
 target/i386/tcg/seg_helper.c        | 28 ----------------------------
 target/i386/tcg/sysemu/seg_helper.c | 29 +++++++++++++++++++++++++++++
 target/i386/tcg/translate.c         | 11 +++++++++++
 4 files changed, 41 insertions(+), 29 deletions(-)

-- 
2.25.1

Comments

Richard Henderson May 14, 2021, 5:45 p.m. UTC | #1

On 5/14/21 10:13 AM, Richard Henderson wrote:
> --- a/target/i386/tcg/translate.c

> +++ b/target/i386/tcg/translate.c

> @@ -193,6 +193,7 @@ typedef struct DisasContext {

>       { qemu_build_not_reached(); }

>   

>   #ifdef CONFIG_USER_ONLY

> +STUB_HELPER(check_io, TCGv_env env, TCGv_i32 port, TCGv_i32 size)

>   STUB_HELPER(clgi, TCGv_env env)

>   STUB_HELPER(flush_page, TCGv_env env, TCGv addr)

>   STUB_HELPER(hlt, TCGv_env env, TCGv_i32 pc_ofs)

...
> @@ -681,6 +683,14 @@ static void gen_helper_out_func(MemOp ot, TCGv_i32 v, TCGv_i32 n)

>   static bool gen_check_io(DisasContext *s, MemOp ot, TCGv_i32 port,

>                            uint32_t svm_flags)

>   {

> +#ifdef CONFIG_USER_ONLY

> +    /*

> +     * We do not implement the iopriv(2) syscall, so the TSS check

> +     * will always fail.

> +     */

> +    gen_exception_gpf(s);

> +    return false;

> +#else

>       if (PE(s) && (CPL(s) > IOPL(s) || VM86(s))) {

>           gen_helper_check_io(cpu_env, port, tcg_constant_i32(1 << ot));

>       }

> @@ -699,6 +709,7 @@ static bool gen_check_io(DisasContext *s, MemOp ot, TCGv_i32 port,

>                                   tcg_constant_i32(next_eip - cur_eip));

>       }

>       return true;

> +#endif


This ifdef means the STUB_HELPER above isn't even used.
This is caught by clang as an unused inline function.
Will fix for v3.


r~

Paolo Bonzini May 18, 2021, 10:22 a.m. UTC | #2

On 14/05/21 19:45, Richard Henderson wrote:
> On 5/14/21 10:13 AM, Richard Henderson wrote:

>> --- a/target/i386/tcg/translate.c

>> +++ b/target/i386/tcg/translate.c

>> @@ -193,6 +193,7 @@ typedef struct DisasContext {

>>       { qemu_build_not_reached(); }

>>   #ifdef CONFIG_USER_ONLY

>> +STUB_HELPER(check_io, TCGv_env env, TCGv_i32 port, TCGv_i32 size)

>>   STUB_HELPER(clgi, TCGv_env env)

>>   STUB_HELPER(flush_page, TCGv_env env, TCGv addr)

>>   STUB_HELPER(hlt, TCGv_env env, TCGv_i32 pc_ofs)

> ...

>> @@ -681,6 +683,14 @@ static void gen_helper_out_func(MemOp ot, 

>> TCGv_i32 v, TCGv_i32 n)

>>   static bool gen_check_io(DisasContext *s, MemOp ot, TCGv_i32 port,

>>                            uint32_t svm_flags)

>>   {

>> +#ifdef CONFIG_USER_ONLY

>> +    /*

>> +     * We do not implement the iopriv(2) syscall, so the TSS check

>> +     * will always fail.

>> +     */

>> +    gen_exception_gpf(s);

>> +    return false;

>> +#else

>>       if (PE(s) && (CPL(s) > IOPL(s) || VM86(s))) {

>>           gen_helper_check_io(cpu_env, port, tcg_constant_i32(1 << ot));

>>       }

>> @@ -699,6 +709,7 @@ static bool gen_check_io(DisasContext *s, MemOp 

>> ot, TCGv_i32 port,

>>                                   tcg_constant_i32(next_eip - cur_eip));

>>       }

>>       return true;

>> +#endif

> 

> This ifdef means the STUB_HELPER above isn't even used.

> This is caught by clang as an unused inline function.

> Will fix for v3.


While you're at it it's ioperm, not iopriv.

Paolo

diff --git a/target/i386/helper.h b/target/i386/helper.h
index 47d0d67699..3fd0253298 100644
--- a/target/i386/helper.h
+++ b/target/i386/helper.h
@@ -86,7 +86,6 @@  DEF_HELPER_1(rdtsc, void, env)
 DEF_HELPER_1(rdtscp, void, env)
 DEF_HELPER_FLAGS_1(rdpmc, TCG_CALL_NO_WG, noreturn, env)
 
-DEF_HELPER_FLAGS_3(check_io, TCG_CALL_NO_WG, void, env, i32, i32)
 DEF_HELPER_3(outb, void, env, i32, i32)
 DEF_HELPER_2(inb, tl, env, i32)
 DEF_HELPER_3(outw, void, env, i32, i32)
@@ -95,6 +94,7 @@  DEF_HELPER_3(outl, void, env, i32, i32)
 DEF_HELPER_2(inl, tl, env, i32)
 
 #ifndef CONFIG_USER_ONLY
+DEF_HELPER_FLAGS_3(check_io, TCG_CALL_NO_WG, void, env, i32, i32)
 DEF_HELPER_FLAGS_4(bpt_io, TCG_CALL_NO_WG, void, env, i32, i32, tl)
 DEF_HELPER_2(svm_check_intercept, void, env, i32)
 DEF_HELPER_4(svm_check_io, void, env, i32, i32, i32)
diff --git a/target/i386/tcg/seg_helper.c b/target/i386/tcg/seg_helper.c
index 69d6e8f602..2f6cdc8239 100644
--- a/target/i386/tcg/seg_helper.c
+++ b/target/i386/tcg/seg_helper.c
@@ -2416,31 +2416,3 @@  void helper_verw(CPUX86State *env, target_ulong selector1)
     }
     CC_SRC = eflags | CC_Z;
 }
-
-/* check if Port I/O is allowed in TSS */
-void helper_check_io(CPUX86State *env, uint32_t addr, uint32_t size)
-{
-    uintptr_t retaddr = GETPC();
-    uint32_t io_offset, val, mask;
-
-    /* TSS must be a valid 32 bit one */
-    if (!(env->tr.flags & DESC_P_MASK) ||
-        ((env->tr.flags >> DESC_TYPE_SHIFT) & 0xf) != 9 ||
-        env->tr.limit < 103) {
-        goto fail;
-    }
-    io_offset = cpu_lduw_kernel_ra(env, env->tr.base + 0x66, retaddr);
-    io_offset += (addr >> 3);
-    /* Note: the check needs two bytes */
-    if ((io_offset + 1) > env->tr.limit) {
-        goto fail;
-    }
-    val = cpu_lduw_kernel_ra(env, env->tr.base + io_offset, retaddr);
-    val >>= (addr & 7);
-    mask = (1 << size) - 1;
-    /* all bits must be zero to allow the I/O */
-    if ((val & mask) != 0) {
-    fail:
-        raise_exception_err_ra(env, EXCP0D_GPF, 0, retaddr);
-    }
-}
diff --git a/target/i386/tcg/sysemu/seg_helper.c b/target/i386/tcg/sysemu/seg_helper.c
index e0d7b32b82..82c0856c41 100644
--- a/target/i386/tcg/sysemu/seg_helper.c
+++ b/target/i386/tcg/sysemu/seg_helper.c
@@ -23,6 +23,7 @@ 
 #include "exec/helper-proto.h"
 #include "exec/cpu_ldst.h"
 #include "tcg/helper-tcg.h"
+#include "../seg_helper.h"
 
 #ifdef TARGET_X86_64
 void helper_syscall(CPUX86State *env, int next_eip_addend)
@@ -123,3 +124,31 @@  void x86_cpu_do_interrupt(CPUState *cs)
         env->old_exception = -1;
     }
 }
+
+/* check if Port I/O is allowed in TSS */
+void helper_check_io(CPUX86State *env, uint32_t addr, uint32_t size)
+{
+    uintptr_t retaddr = GETPC();
+    uint32_t io_offset, val, mask;
+
+    /* TSS must be a valid 32 bit one */
+    if (!(env->tr.flags & DESC_P_MASK) ||
+        ((env->tr.flags >> DESC_TYPE_SHIFT) & 0xf) != 9 ||
+        env->tr.limit < 103) {
+        goto fail;
+    }
+    io_offset = cpu_lduw_kernel_ra(env, env->tr.base + 0x66, retaddr);
+    io_offset += (addr >> 3);
+    /* Note: the check needs two bytes */
+    if ((io_offset + 1) > env->tr.limit) {
+        goto fail;
+    }
+    val = cpu_lduw_kernel_ra(env, env->tr.base + io_offset, retaddr);
+    val >>= (addr & 7);
+    mask = (1 << size) - 1;
+    /* all bits must be zero to allow the I/O */
+    if ((val & mask) != 0) {
+    fail:
+        raise_exception_err_ra(env, EXCP0D_GPF, 0, retaddr);
+    }
+}
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index 860c75c2b1..bcc642bf6e 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -193,6 +193,7 @@  typedef struct DisasContext {
     { qemu_build_not_reached(); }
 
 #ifdef CONFIG_USER_ONLY
+STUB_HELPER(check_io, TCGv_env env, TCGv_i32 port, TCGv_i32 size)
 STUB_HELPER(clgi, TCGv_env env)
 STUB_HELPER(flush_page, TCGv_env env, TCGv addr)
 STUB_HELPER(hlt, TCGv_env env, TCGv_i32 pc_ofs)
@@ -217,6 +218,7 @@  static void gen_jr(DisasContext *s, TCGv dest);
 static void gen_jmp(DisasContext *s, target_ulong eip);
 static void gen_jmp_tb(DisasContext *s, target_ulong eip, int tb_num);
 static void gen_op(DisasContext *s1, int op, MemOp ot, int d);
+static void gen_exception_gpf(DisasContext *s);
 
 /* i386 arith/logic operations */
 enum {
@@ -681,6 +683,14 @@  static void gen_helper_out_func(MemOp ot, TCGv_i32 v, TCGv_i32 n)
 static bool gen_check_io(DisasContext *s, MemOp ot, TCGv_i32 port,
                          uint32_t svm_flags)
 {
+#ifdef CONFIG_USER_ONLY
+    /*
+     * We do not implement the iopriv(2) syscall, so the TSS check
+     * will always fail.
+     */
+    gen_exception_gpf(s);
+    return false;
+#else
     if (PE(s) && (CPL(s) > IOPL(s) || VM86(s))) {
         gen_helper_check_io(cpu_env, port, tcg_constant_i32(1 << ot));
     }
@@ -699,6 +709,7 @@  static bool gen_check_io(DisasContext *s, MemOp ot, TCGv_i32 port,
                                 tcg_constant_i32(next_eip - cur_eip));
     }
     return true;
+#endif
 }
 
 static inline void gen_movs(DisasContext *s, MemOp ot)

[v2,49/50] target/i386: Move helper_check_io to sysemu

Commit Message

Comments

Patch