On Mon, Aug 23, 2021 at 06:41:57PM +0200, Philippe Mathieu-Daudé wrote:
> Check bus permission in flatview_access_allowed() before
> running any bus transaction.
>
> There is not change for the default case (MEMTXPERM_UNSPECIFIED).
>
> The MEMTXPERM_UNRESTRICTED case works as an allow list. Devices
> using it won't be checked by flatview_access_allowed().
>
> The only deny list equivalent is MEMTXPERM_RAM_DEVICE: devices
> using this flag will reject transactions and set the optional
> MemTxResult to MEMTX_BUS_ERROR.
>
> Signed-off-by: Philippe Mathieu-Daudé <phi...@redhat.com>
> ---
> softmmu/physmem.c | 17 ++++++++++++++++-
> 1 file changed, 16 insertions(+), 1 deletion(-)
>
> diff --git a/softmmu/physmem.c b/softmmu/physmem.c
> index 0d31a2f4199..329542dba75 100644
> --- a/softmmu/physmem.c
> +++ b/softmmu/physmem.c
> @@ -2772,7 +2772,22 @@ static inline bool
> flatview_access_allowed(MemoryRegion *mr, MemTxAttrs attrs,
> hwaddr addr, hwaddr len,
> MemTxResult *result)
> {
> - return true;
> + if (unlikely(attrs.bus_perm == MEMTXPERM_RAM_DEVICE)) {
> + if (memory_region_is_ram(mr) || memory_region_is_ram_device(mr)) {
> + return true;
> + }
> + qemu_log_mask(LOG_GUEST_ERROR,
> + "Invalid access to non-RAM device at "
> + "addr 0x%" HWADDR_PRIX ", size %" HWADDR_PRIu ", "
> + "region '%s'\n", addr, len, memory_region_name(mr));
> + if (result) {
> + *result |= MEMTX_BUS_ERROR;
Why bitwise OR?
> + }
> + return false;
> + } else {
> + /* MEMTXPERM_UNRESTRICTED and MEMTXPERM_UNSPECIFIED cases */
> + return true;
> + }
> }
>
> /* Called within RCU critical section. */
> --
> 2.31.1
>
signature.asc
Description: PGP signature
