diff options
| author | Nicolas Pitre <nico@fluxnic.net> | 2022-04-08 12:25:07 -0400 |
|---|---|---|
| committer | Alistair Francis <alistair.francis@wdc.com> | 2022-04-22 10:35:16 +1000 |
| commit | 6248a8fe4d8ad84b407d26559c0cb65b9a61eb67 (patch) | |
| tree | 5398a392c9623f6c22fe310d799e369d9b67822c /target/riscv | |
| parent | 8f013700ebf96edb4d481e4d2471c3ed246c58ef (diff) | |
| download | qemu-6248a8fe4d8ad84b407d26559c0cb65b9a61eb67.zip qemu-6248a8fe4d8ad84b407d26559c0cb65b9a61eb67.tar.gz qemu-6248a8fe4d8ad84b407d26559c0cb65b9a61eb67.tar.bz2 | |
target/riscv/pmp: fix NAPOT range computation overflow
There is an overflow with the current code where a pmpaddr value of
0x1fffffff is decoded as sa=0 and ea=0 whereas it should be sa=0 and
ea=0xffffffff.
Fix that by simplifying the computation. There is in fact no need for
ctz64() nor special case for -1 to achieve proper results.
Signed-off-by: Nicolas Pitre <nico@fluxnic.net>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <rq81o86n-17ps-92no-p65o-79o88476266@syhkavp.arg>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Diffstat (limited to 'target/riscv')
| -rw-r--r-- | target/riscv/pmp.c | 14 |
1 files changed, 3 insertions, 11 deletions
diff --git a/target/riscv/pmp.c b/target/riscv/pmp.c index 81b61bb..151da3f 100644 --- a/target/riscv/pmp.c +++ b/target/riscv/pmp.c @@ -141,17 +141,9 @@ static void pmp_decode_napot(target_ulong a, target_ulong *sa, target_ulong *ea) 0111...1111 2^(XLEN+2)-byte NAPOT range 1111...1111 Reserved */ - if (a == -1) { - *sa = 0u; - *ea = -1; - return; - } else { - target_ulong t1 = ctz64(~a); - target_ulong base = (a & ~(((target_ulong)1 << t1) - 1)) << 2; - target_ulong range = ((target_ulong)1 << (t1 + 3)) - 1; - *sa = base; - *ea = base + range; - } + a = (a << 2) | 0x3; + *sa = a & (a + 1); + *ea = a | (a + 1); } void pmp_update_rule_addr(CPURISCVState *env, uint32_t pmp_index) |