aboutsummaryrefslogtreecommitdiff
path: root/target
diff options
context:
space:
mode:
authorClément Léger <cleger@rivosinc.com>2025-01-10 13:54:32 +0100
committerAlistair Francis <alistair.francis@wdc.com>2025-01-19 09:44:35 +1000
commit507957eb2acfd321646c98bc853d6c8bafe628d2 (patch)
tree363348f7dbe92f438ab4fdabfc7730c4f2984ea9 /target
parentfdb7bce43f9008d83e1edfd260a8165119b61ca5 (diff)
downloadqemu-507957eb2acfd321646c98bc853d6c8bafe628d2.zip
qemu-507957eb2acfd321646c98bc853d6c8bafe628d2.tar.gz
qemu-507957eb2acfd321646c98bc853d6c8bafe628d2.tar.bz2
target/riscv: Fix henvcfg potentially containing stale bits
With the current implementation, if we had the following scenario: - Set bit x in menvcfg - Set bit x in henvcfg - Clear bit x in menvcfg then, the internal variable env->henvcfg would still contain bit x due to both a wrong menvcfg mask used in write_henvcfg() as well as a missing update of henvcfg upon menvcfg update. This can lead to some wrong interpretation of the context. In order to update henvcfg upon menvcfg writing, call write_henvcfg() after writing menvcfg. Clearing henvcfg upon writing the new value is also needed in write_henvcfg() as well as clearing henvcfg upper part when writing it with write_henvcfgh(). Signed-off-by: Clément Léger <cleger@rivosinc.com> Reviewed-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Message-ID: <20250110125441.3208676-2-cleger@rivosinc.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Diffstat (limited to 'target')
-rw-r--r--target/riscv/csr.c10
1 files changed, 8 insertions, 2 deletions
diff --git a/target/riscv/csr.c b/target/riscv/csr.c
index eddcf5a..279293b 100644
--- a/target/riscv/csr.c
+++ b/target/riscv/csr.c
@@ -2946,6 +2946,8 @@ static RISCVException read_menvcfg(CPURISCVState *env, int csrno,
return RISCV_EXCP_NONE;
}
+static RISCVException write_henvcfg(CPURISCVState *env, int csrno,
+ target_ulong val);
static RISCVException write_menvcfg(CPURISCVState *env, int csrno,
target_ulong val)
{
@@ -2974,6 +2976,7 @@ static RISCVException write_menvcfg(CPURISCVState *env, int csrno,
}
}
env->menvcfg = (env->menvcfg & ~mask) | (val & mask);
+ write_henvcfg(env, CSR_HENVCFG, env->henvcfg);
return RISCV_EXCP_NONE;
}
@@ -2985,6 +2988,8 @@ static RISCVException read_menvcfgh(CPURISCVState *env, int csrno,
return RISCV_EXCP_NONE;
}
+static RISCVException write_henvcfgh(CPURISCVState *env, int csrno,
+ target_ulong val);
static RISCVException write_menvcfgh(CPURISCVState *env, int csrno,
target_ulong val)
{
@@ -2996,6 +3001,7 @@ static RISCVException write_menvcfgh(CPURISCVState *env, int csrno,
uint64_t valh = (uint64_t)val << 32;
env->menvcfg = (env->menvcfg & ~mask) | (valh & mask);
+ write_henvcfgh(env, CSR_HENVCFGH, env->henvcfg >> 32);
return RISCV_EXCP_NONE;
}
@@ -3101,7 +3107,7 @@ static RISCVException write_henvcfg(CPURISCVState *env, int csrno,
}
}
- env->henvcfg = (env->henvcfg & ~mask) | (val & mask);
+ env->henvcfg = val & mask;
return RISCV_EXCP_NONE;
}
@@ -3134,7 +3140,7 @@ static RISCVException write_henvcfgh(CPURISCVState *env, int csrno,
return ret;
}
- env->henvcfg = (env->henvcfg & ~mask) | (valh & mask);
+ env->henvcfg = (env->henvcfg & 0xFFFFFFFF) | (valh & mask);
return RISCV_EXCP_NONE;
}