From f6cfe1092b9248026b71e8e21c1232904d8a19ab Mon Sep 17 00:00:00 2001
From: "Takacs, Philipp"
Date: Thu, 13 Jul 2023 10:28:41 +0200
Subject: [PATCH] vtlb only cache access permisions required for the operation

see #1845
---
 qemu/softmmu/unicorn_vtlb.c | 15 ++++++++++++++-
 tests/unit/test_ctl.c       | 18 ++++++++++++++++++
 2 files changed, 32 insertions(+), 1 deletion(-)

diff --git a/qemu/softmmu/unicorn_vtlb.c b/qemu/softmmu/unicorn_vtlb.c
index 3b629bda..a9634737 100644
--- a/qemu/softmmu/unicorn_vtlb.c
+++ b/qemu/softmmu/unicorn_vtlb.c
@@ -74,7 +74,20 @@ bool unicorn_fill_tlb(CPUState *cs, vaddr address, int size,
     if (!handled) {
         e.paddr = address & TARGET_PAGE_MASK;
-        e.perms = UC_PROT_READ|UC_PROT_WRITE|UC_PROT_EXEC;
+        switch (rw) {
+        case MMU_DATA_LOAD:
+            e.perms = UC_PROT_READ;
+            break;
+        case MMU_DATA_STORE:
+            e.perms = UC_PROT_WRITE;
+            break;
+        case MMU_INST_FETCH:
+            e.perms = UC_PROT_EXEC;
+            break;
+        default:
+            e.perms = 0;
+            break;
+        }
     }
 
     switch (rw) {
diff --git a/tests/unit/test_ctl.c b/tests/unit/test_ctl.c
index 795d0fe9..89cc1d3d 100644
--- a/tests/unit/test_ctl.c
+++ b/tests/unit/test_ctl.c
@@ -383,6 +383,23 @@ static void test_tlb_clear(void)
     OK(uc_close(uc));
 }
 
+static void test_noexec(void)
+{
+    uc_engine *uc;
+    /* mov al, byte ptr[rip]
+     * nop
+     */
+    char code[] = "\x8a\x05\x00\x00\x00\x00\x90";
+
+    uc_common_setup(&uc, UC_ARCH_X86, UC_MODE_64, code, sizeof(code) - 1);
+    OK(uc_ctl_tlb_mode(uc, UC_TLB_VIRTUAL));
+    OK(uc_mem_protect(uc, code_start, code_start + 0x1000, UC_PROT_EXEC));
+
+    uc_assert_err(UC_ERR_READ_PROT, uc_emu_start(uc, code_start, code_start + sizeof(code) - 1, 0, 0));
+
+    OK(uc_close(uc));
+}
+
 TEST_LIST = {{"test_uc_ctl_mode", test_uc_ctl_mode},
              {"test_uc_ctl_page_size", test_uc_ctl_page_size},
              {"test_uc_ctl_arch", test_uc_ctl_arch},
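Review bot: The fallback TLB entry now carries only the permission of the access that triggered the fill, and the `default:` arm produces an entry with no permissions at all, but neither decision is explained in the code; a comment above the new `switch (rw)` would spare the next reader a trip to the issue, e.g. `/* No hook handled the fill: identity-map the page but grant only the permission this access needs, so an access of another kind presumably re-faults and is checked on its own (see #1845). */`. `rw` is the MMUAccessType argument and, as far as visible, the three cased values are the only ones it can take, so the default arm looks unreachable; if that holds, `g_assert_not_reached();` there would make the assumption explicit instead of silently handing back a zero-permission entry. unicorn_fill_tlb starts and continues outside the hunk, so what the following `switch (rw)` does with e.perms cannot be checked here.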
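Review bot: `OK(uc_mem_protect(uc, code_start, code_start + 0x1000, UC_PROT_EXEC));` in test_noexec passes an end address where uc_mem_protect's third parameter is a size, so the call protects `code_start + 0x1000` bytes starting at `code_start` and only succeeds because uc_common_setup's mapping happens to be larger than that; the intended line is `OK(uc_mem_protect(uc, code_start, 0x1000, UC_PROT_EXEC));`. The test also asserts a very specific outcome without saying why, so a short comment above the uc_assert_err line would help, e.g. `/* With UC_TLB_VIRTUAL a data read from an exec-only page must fail with UC_ERR_READ_PROT instead of being served from a read/write/exec fallback entry. */`. code_start, uc_common_setup and the OK/uc_assert_err helpers are defined outside the hunk, so the mapped size and the exact failure path are inferred rather than visible.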
@@ -396,4 +413,5 @@ TEST_LIST = {{"test_uc_ctl_mode", test_uc_ctl_mode},
              {"test_uc_hook_cached_uaf", test_uc_hook_cached_uaf},
              {"test_uc_emu_stop_set_ip", test_uc_emu_stop_set_ip},
              {"test_tlb_clear", test_tlb_clear},
+             {"test_noexec", test_noexec},
              {NULL, NULL}};