Re: Access unprivileged regions from OS
Xinhao (Freddie) Qu
I’m not sure the sstatus.SUM bit is providing the equivalent of LDTR/STTR. The pair of load/store instructions lower their privilege level so that if they end up accessing privileged locations, they will fault. On the other hand, when sstatus.SUM==1, even if the page is marked as “User”, supervisor code can still access it.
From section 126.96.36.199 in the Privileged ISA spec:
The SUM (permit Supervisor User Memory access) bit modifies the privilege with which S-mode
loads and stores access virtual memory. When SUM=0, S-mode memory accesses to pages that are
accessible by U-mode (U=1 in Figure 4.17) will fault. When SUM=1, these accesses are permitted.
SUM has no effect when page-based virtual memory is not in effect. Note that, while SUM is
ordinarily ignored when not executing in S-mode, it is in effect when MPRV=1 and MPP=S. SUM
is hardwired to 0 if S-mode is not supported.
There is nothing mentioning what would happen if load/store instructions in S-mode attempt locations that require privilege. That means to me they are permitted when sstatus.SUM==1. This behaviour is fine in itself, but doesn’t match what the LDTR/STTR instructions do. I think sstatus.SUM’s equivalent is PSTATE.PAN, not LDTR/STTR. In other words, LDTR/STTR has no equivalent in RISC-V, AFAIK.
From: tech-privileged@... [mailto:tech-privileged@...] On Behalf Of Andrew Waterman
Sent: Friday, October 30, 2020 9:50 AM
To: Andrea Mondelli <andrea.mondelli@...>
Subject: Re: [RISC-V] [tech-privileged] Access unprivileged regions from OS
On Fri, Oct 30, 2020 at 2:45 AM Andrea Mondelli via lists.riscv.org <andrea.mondelli=huawei.com@...> wrote:
Yeah. Set the sstatus.SUM bit, then use regular load and store instructions to access user memory, then clear sstatus.SUM.
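
The difference discussed in this thread, as an added example that is not part of the original messages: a simplified C model of the three access checks (RISC-V SUM, Arm PAN, Arm LDTR/STTR), plus the software range check a kernel needs before opening a SUM=1 window. The struct, the function names and USER_TOP are assumptions made for illustration; R/W/X bits, MXR, PMP and Arm's UAO are left out.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Simplified model: only privilege and the page's user bit are checked
 * (R/W/X, MXR, PMP and Arm's UAO are left out). */
enum priv { PRIV_U, PRIV_S };
struct page { bool valid; bool user; };   /* user: PTE.U=1 / EL0-accessible */

/* RISC-V load/store, following the SUM text quoted from the spec. */
bool riscv_access_ok(enum priv p, bool sum, struct page pg) {
    if (!pg.valid) return false;
    if (p == PRIV_U) return pg.user;
    return !pg.user || sum;   /* S-mode: U=0 pages always, U=1 pages only if SUM=1 */
}

/* Arm regular load/store at EL1: PAN=1 blocks EL0-accessible pages. */
bool arm_el1_access_ok(bool pan, struct page pg) {
    return pg.valid && (!pg.user || !pan);
}

/* Arm LDTR/STTR at EL1: the access is checked as if made from EL0. */
bool arm_ldtr_access_ok(struct page pg) {
    return pg.valid && pg.user;
}

/* Software check needed before a SUM=1 window, since the hardware will not
 * reject a pointer into supervisor memory. USER_TOP is a constructed value. */
#define USER_TOP ((uint64_t)1 << 38)
bool user_range_ok(uint64_t addr, uint64_t len) {
    return addr < USER_TOP && len <= USER_TOP - addr;   /* no wraparound */
}
```

In this model SUM=1 corresponds to PAN=0 (opposite polarity), and only the LDTR/STTR check rejects a supervisor-only page.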