On 07/09/2013 04:45:10 PM, Alexander Graf wrote:

=20
On 28.06.2013, at 11:20, Mihai Caraman wrote:
=20

quoted

+	/* Get page size */
+	if (MAS0_GET_TLBSEL(mfspr(SPRN_MAS0)) =3D=3D 0)
+		psize_shift =3D PAGE_SHIFT;
+	else
+		psize_shift =3D MAS1_GET_TSIZE(mas1) + 10;
+
+	mas7_mas3 =3D (((u64) mfspr(SPRN_MAS7)) << 32) |
+		    mfspr(SPRN_MAS3);
+	addr =3D (mas7_mas3 & (~0ULL << psize_shift)) |
+	       (geaddr & ((1ULL << psize_shift) - 1ULL));
+
+	/* Map a page and get guest's instruction */
+	page =3D pfn_to_page(addr >> PAGE_SHIFT);

=20
While looking at this I just realized that you're missing a check =20
here. What if our IP is in some PCI BAR? Or can't we execute from =20
those?

We at least need to check pfn_valid() first.  That'll just keep us from =20
accessing a bad pointer in the host kernel, though -- it won't make the =20
emulation actually work.  If we need that, we'll probably need to =20
create a temporary TLB entry manually.

-Scott=