Open SiFiveHolland opened 2 days ago
Similarly, what happens if I try to use a physical address >= 2^46 in Smmtt46 mode, or a physical address >= 2^56 in Smmtt56 mode (possible with Svbare)? The current algorithm given in section 4.2 would ignore the upper bits, so the MTT lookups would alias with lower addresses. I would expect this to raise an access fault.
The description of
mttp
contains this paragraph:This paragraph seems to imply that the top-level table (MTTL2 or MTTL3) is variably-sized, such that it only covers the part of the physical address space actually in use on a platform. For example, on a system with 2 GiB of DRAM, the largest valid physical address may be below 2^32. In that case, the MTTL2 may contain only 128 entries. I think this is an important feature to avoid wasting 16 MiB of DRAM on an MTTL2 when such a large table is not needed.
However, the description of the MTT walk algorithm does not describe any bounds check when accessing
mpte
. This can lead to out-of-bounds reads of the MTT. There needs to be a way for M-mode software to specify or at least detect the physical address width, so it knows how large of an MTT to allocate.