From 455b8493320163c74b5443b2aed3c452aa92bc68 Mon Sep 17 00:00:00 2001
From: Andrew Waterman <andrew@sifive.com>
Date: Fri, 24 Jan 2020 13:31:59 -0800
Subject: Prevent pmpaddr* and satp from holding invalid physical addresses

Resolves #386
---
 riscv/processor.cc | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/riscv/processor.cc b/riscv/processor.cc
index 2e9e63f..fb7476b 100644
--- a/riscv/processor.cc
+++ b/riscv/processor.cc
@@ -548,7 +548,7 @@ void processor_t::set_csr(int which, reg_t val)
     bool next_locked = i+1 < state.n_pmp && (state.pmpcfg[i+1] & PMP_L);
     bool next_tor = i+1 < state.n_pmp && (state.pmpcfg[i+1] & PMP_A) == PMP_TOR;
     if (!locked && !(next_locked && next_tor))
-      state.pmpaddr[i] = val;
+      state.pmpaddr[i] = val & ((reg_t(1) << (MAX_PADDR_BITS - PMP_SHIFT)) - 1);
 
     mmu->flush_tlb();
   }
@@ -681,13 +681,14 @@ void processor_t::set_csr(int which, reg_t val)
       return set_csr(CSR_MIE,
                      (state.mie & ~state.mideleg) | (val & state.mideleg));
     case CSR_SATP: {
+      reg_t rv64_ppn_mask = (reg_t(1) << (MAX_PADDR_BITS - PGSHIFT)) - 1;
       mmu->flush_tlb();
       if (max_xlen == 32)
         state.satp = val & (SATP32_PPN | SATP32_MODE);
       if (max_xlen == 64 && (get_field(val, SATP64_MODE) == SATP_MODE_OFF ||
                              get_field(val, SATP64_MODE) == SATP_MODE_SV39 ||
                              get_field(val, SATP64_MODE) == SATP_MODE_SV48))
-        state.satp = val & (SATP64_PPN | SATP64_MODE);
+        state.satp = val & (SATP64_PPN | SATP64_MODE | rv64_ppn_mask);
       break;
     }
     case CSR_SEPC: state.sepc = val & ~(reg_t)1; break;
-- 
cgit v1.1