

Raise store/AMO access fault on CBO to shadow-stack page
Proliferating the access_flags isn't ideal, but it wasn't clear how
better to handle this case.
aswaterman committed Sep 26, 2024
1 parent 3c5b1bb commit d30dc8e
Showing 2 changed files with 6 additions and 5 deletions.
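--- a/riscv/mmu.cc
+++ b/riscv/mmu.cc
@@ -553,8 +553,8 @@ reg_t mmu_t::walk(mem_access_info_t access_info)
 // not shadow stack access xwr=110 or xwr=010 page cause page fault
 // shadow stack access with PTE_X moved to following check
 break;
-} else if (ss_page && (type == STORE && !ss_access)) {
-// not shadow stack store and xwr = 010 cause access-fault
+} else if (ss_page && ((type == STORE && !ss_access) || access_info.flags.clean_inval)) {
+// non-shadow-stack store or CBO with xwr = 010 causes access-fault
 throw trap_store_access_fault(virt, addr, 0, 0);
 } else if (ss_page && type == FETCH) {
 // fetch from shadow stack pages cause instruction access-fault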
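Review bot: The new `|| access_info.flags.clean_inval` term in `mmu_t::walk` is the only thing that makes a cache-block operation fault on a shadow-stack page, yet the comment does not say why the `type == STORE` test misses it. Judging by the mmu.h part of this commit, `mmu_t::clean_inval` translates with type `LOAD` and relies on the flag, so I would spell that out: `// CBOs are translated as LOADs (flags.clean_inval) but must fault like stores on xwr = 010 pages`. The term also applies whatever the value of `ss_access`, which looks intended but is worth stating. The earlier branches of this if/else chain lie outside the hunk, so whether a CBO can take the page-fault `break` path before reaching this check cannot be confirmed from here.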
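--- a/riscv/mmu.h
+++ b/riscv/mmu.h
@@ -43,9 +43,10 @@ struct xlate_flags_t {
 const bool hlvx : 1 {false};
 const bool lr : 1 {false};
 const bool ss_access : 1 {false};
+const bool clean_inval : 1 {false};
 
 bool is_special_access() const {
-return forced_virt || hlvx || lr || ss_access;
+return forced_virt || hlvx || lr || ss_access || clean_inval;
 }
 };
 
@@ -232,14 +233,14 @@ class mmu_t
 }
 
 void clean_inval(reg_t addr, bool clean, bool inval) {
-auto access_info = generate_access_info(addr, LOAD, {});
+auto access_info = generate_access_info(addr, LOAD, {.clean_inval = true});
 reg_t transformed_addr = access_info.transformed_vaddr;
 
 auto base = transformed_addr & ~(blocksz - 1);
 for (size_t offset = 0; offset < blocksz; offset += 1)
 check_triggers(triggers::OPERATION_STORE, base + offset, false, transformed_addr, std::nullopt);
 convert_load_traps_to_store_traps({
-const reg_t paddr = translate(generate_access_info(transformed_addr, LOAD, {}), 1);
+const reg_t paddr = translate(access_info, 1);
 if (sim->reservable(paddr)) {
 if (tracer.interested_in_range(paddr, paddr + PGSIZE, LOAD))
 tracer.clean_invalidate(paddr, blocksz, clean, inval);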
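Review bot: `translate(access_info, 1)` in `mmu_t::clean_inval` now receives the access info built from the untransformed `addr`, where the old line rebuilt it from `transformed_addr`. This is equivalent only if `translate` reads `access_info.transformed_vaddr` rather than the original virtual address, which is not visible in this hunk and should be confirmed, since otherwise the permission check would run on a different address than the one passed to `check_triggers`. The new `clean_inval` bit in `xlate_flags_t` also has no comment; something like `// set for cache-block clean/invalidate ops so the page walk can apply store permissions` would help, and it would be worth noting next to `is_special_access()` why this flag must count as special. The body of `clean_inval` continues past the end of the hunk.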

