summaryrefslogtreecommitdiffstats
path: root/target-i386
diff options
context:
space:
mode:
authorPaolo Bonzini2014-05-27 13:03:17 +0200
committerPaolo Bonzini2014-06-05 16:10:35 +0200
commiteaad03e47206882229d184c83488142cba243917 (patch)
tree95dd96dc61544ce61716259ef537b0e509f61300 /target-i386
parenttarget-i386: unify reserved bits and NX bit check (diff)
downloadqemu-eaad03e47206882229d184c83488142cba243917.tar.gz
qemu-eaad03e47206882229d184c83488142cba243917.tar.xz
qemu-eaad03e47206882229d184c83488142cba243917.zip
target-i386: raise page fault for reserved bits in large pages
In large pages, bit 12 is for PAT, but bits starting at 13 are reserved. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Diffstat (limited to 'target-i386')
-rw-r--r--target-i386/cpu.h2
-rw-r--r--target-i386/helper.c1
2 files changed, 3 insertions, 0 deletions
diff --git a/target-i386/cpu.h b/target-i386/cpu.h
index 8ceea8b8e5..51959be290 100644
--- a/target-i386/cpu.h
+++ b/target-i386/cpu.h
@@ -249,6 +249,7 @@
#define PG_DIRTY_BIT 6
#define PG_PSE_BIT 7
#define PG_GLOBAL_BIT 8
+#define PG_PSE_PAT_BIT 12
#define PG_NX_BIT 63
#define PG_PRESENT_MASK (1 << PG_PRESENT_BIT)
@@ -260,6 +261,7 @@
#define PG_DIRTY_MASK (1 << PG_DIRTY_BIT)
#define PG_PSE_MASK (1 << PG_PSE_BIT)
#define PG_GLOBAL_MASK (1 << PG_GLOBAL_BIT)
+#define PG_PSE_PAT_MASK (1 << PG_PSE_PAT_BIT)
#define PG_ADDRESS_MASK 0x000ffffffffff000LL
#define PG_HI_RSVD_MASK (PG_ADDRESS_MASK & ~PHYS_ADDR_MASK)
#define PG_HI_USER_MASK 0x7ff0000000000000LL
diff --git a/target-i386/helper.c b/target-i386/helper.c
index a2e8bd1a35..94081e8838 100644
--- a/target-i386/helper.c
+++ b/target-i386/helper.c
@@ -695,6 +695,7 @@ int x86_cpu_handle_mmu_fault(CPUState *cs, vaddr addr,
}
do_check_protect:
+ rsvd_mask |= (page_size - 1) & PG_ADDRESS_MASK & ~PG_PSE_PAT_MASK;
if (pte & rsvd_mask) {
goto do_fault_rsvd;
}