diff options
author | Irina Ryapolova <irina.ryapolova@syntacore.com> | 2024-01-09 17:59:21 +0300 |
---|---|---|
committer | Alistair Francis <alistair.francis@wdc.com> | 2024-03-08 16:36:51 +1000 |
commit | 57020a464c1c8ff1d40a94a4eca6c6955ca0a6e1 (patch) | |
tree | 459758c4003265bf3774231498f76ca32186de42 | |
parent | adb49752dd18e556427c634ed1d3570378e87819 (diff) | |
download | qemu-57020a464c1c8ff1d40a94a4eca6c6955ca0a6e1.zip qemu-57020a464c1c8ff1d40a94a4eca6c6955ca0a6e1.tar.gz qemu-57020a464c1c8ff1d40a94a4eca6c6955ca0a6e1.tar.bz2 |
target/riscv: FIX xATP_MODE validation
The SATP register is an SXLEN-bit read/write WARL register. It means that CSR fields are only defined
for a subset of bit encodings, but allow any value to be written while guaranteeing to return a legal
value whenever read (See riscv-privileged-20211203, SATP CSR).
For example on rv64 we are trying to write to SATP CSR val = 0x1000000000000000 (SATP_MODE = 1 - Reserved for standard use)
and after that we are trying to read SATP_CSR. We read from the SATP CSR value = 0x1000000000000000, which is not a correct
operation (return illegal value).
Signed-off-by: Irina Ryapolova <irina.ryapolova@syntacore.com>
Reviewed-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-ID: <20240109145923.37893-1-irina.ryapolova@syntacore.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
-rw-r--r-- | target/riscv/csr.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/target/riscv/csr.c b/target/riscv/csr.c index cc9cef3..805b972 100644 --- a/target/riscv/csr.c +++ b/target/riscv/csr.c @@ -1295,8 +1295,8 @@ static RISCVException read_mstatus(CPURISCVState *env, int csrno, static bool validate_vm(CPURISCVState *env, target_ulong vm) { - return (vm & 0xf) <= - satp_mode_max_from_map(riscv_cpu_cfg(env)->satp_mode.map); + uint64_t mode_supported = riscv_cpu_cfg(env)->satp_mode.map; + return get_field(mode_supported, (1 << vm)); } static target_ulong legalize_mpp(CPURISCVState *env, target_ulong old_mpp, |