diff options
author | Clément Léger <cleger@rivosinc.com> | 2025-01-10 13:54:32 +0100 |
---|---|---|
committer | Alistair Francis <alistair.francis@wdc.com> | 2025-01-19 09:44:35 +1000 |
commit | 507957eb2acfd321646c98bc853d6c8bafe628d2 (patch) | |
tree | 363348f7dbe92f438ab4fdabfc7730c4f2984ea9 /target | |
parent | fdb7bce43f9008d83e1edfd260a8165119b61ca5 (diff) | |
download | qemu-507957eb2acfd321646c98bc853d6c8bafe628d2.zip qemu-507957eb2acfd321646c98bc853d6c8bafe628d2.tar.gz qemu-507957eb2acfd321646c98bc853d6c8bafe628d2.tar.bz2 |
target/riscv: Fix henvcfg potentially containing stale bits
With the current implementation, if we had the following scenario:
- Set bit x in menvcfg
- Set bit x in henvcfg
- Clear bit x in menvcfg
then, the internal variable env->henvcfg would still contain bit x due
to both a wrong menvcfg mask used in write_henvcfg() as well as a
missing update of henvcfg upon menvcfg update.
This can lead to some wrong interpretation of the context. In order to
update henvcfg upon menvcfg writing, call write_henvcfg() after writing
menvcfg. Clearing henvcfg upon writing the new value is also needed in
write_henvcfg() as well as clearing henvcfg upper part when writing it
with write_henvcfgh().
Signed-off-by: Clément Léger <cleger@rivosinc.com>
Reviewed-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-ID: <20250110125441.3208676-2-cleger@rivosinc.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Diffstat (limited to 'target')
-rw-r--r-- | target/riscv/csr.c | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/target/riscv/csr.c b/target/riscv/csr.c index eddcf5a..279293b 100644 --- a/target/riscv/csr.c +++ b/target/riscv/csr.c @@ -2946,6 +2946,8 @@ static RISCVException read_menvcfg(CPURISCVState *env, int csrno, return RISCV_EXCP_NONE; } +static RISCVException write_henvcfg(CPURISCVState *env, int csrno, + target_ulong val); static RISCVException write_menvcfg(CPURISCVState *env, int csrno, target_ulong val) { @@ -2974,6 +2976,7 @@ static RISCVException write_menvcfg(CPURISCVState *env, int csrno, } } env->menvcfg = (env->menvcfg & ~mask) | (val & mask); + write_henvcfg(env, CSR_HENVCFG, env->henvcfg); return RISCV_EXCP_NONE; } @@ -2985,6 +2988,8 @@ static RISCVException read_menvcfgh(CPURISCVState *env, int csrno, return RISCV_EXCP_NONE; } +static RISCVException write_henvcfgh(CPURISCVState *env, int csrno, + target_ulong val); static RISCVException write_menvcfgh(CPURISCVState *env, int csrno, target_ulong val) { @@ -2996,6 +3001,7 @@ static RISCVException write_menvcfgh(CPURISCVState *env, int csrno, uint64_t valh = (uint64_t)val << 32; env->menvcfg = (env->menvcfg & ~mask) | (valh & mask); + write_henvcfgh(env, CSR_HENVCFGH, env->henvcfg >> 32); return RISCV_EXCP_NONE; } @@ -3101,7 +3107,7 @@ static RISCVException write_henvcfg(CPURISCVState *env, int csrno, } } - env->henvcfg = (env->henvcfg & ~mask) | (val & mask); + env->henvcfg = val & mask; return RISCV_EXCP_NONE; } @@ -3134,7 +3140,7 @@ static RISCVException write_henvcfgh(CPURISCVState *env, int csrno, return ret; } - env->henvcfg = (env->henvcfg & ~mask) | (valh & mask); + env->henvcfg = (env->henvcfg & 0xFFFFFFFF) | (valh & mask); return RISCV_EXCP_NONE; } |